Coder Social home page Coder Social logo

请教:CC防护没起作用 about openwaf HOT 3 CLOSED

titansec avatar titansec commented on May 26, 2024
请教:CC防护没起作用

from openwaf.

Comments (3)

lesvere avatar lesvere commented on May 26, 2024

以下为 openwaf_access.log

...
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.003 twaf_policy_conf 0bf5aae3d189b492dd7a8b45f0d5d393 -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.002 twaf_policy_conf 3bb14a83772c3e1790414d902c11f329 -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.001 twaf_policy_conf d3c5dfd0fcf3ea57cdbbdb4b48b0ca5d -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 810 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.012 twaf_policy_conf 87fcff80fdf109045a38b0ab24afcd47 -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 810 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.016 twaf_policy_conf 41c7d49907592a0f9e17a121e07dc52e -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.003 twaf_policy_conf da3437ccaae6cc8b62d4d3f13d54388d -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.010 twaf_policy_conf 8a91132ade1bf8f69b5045fa9494d237 -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.010 twaf_policy_conf 269ff6c763ef68a51f29e7cca96c6c62 -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.008 twaf_policy_conf 3c884dbe4c10910b7e2f443f55d4c1bd -

10.0.0.1 - - [04/Jun/2022:16:00:51 +0800] "GET /?server=mysql HTTP/1.1" 200 5281 "http://adminer.domain.com/?server=mysql&username=root" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" - 172.18.0.8:80 "adminer.domain.com" 0.027 twaf_policy_conf efedd207ed7c02b31e54849511b56645 -
10.0.0.1 - - [04/Jun/2022:16:00:52 +0800] "GET /adminer.css?v=3237994901 HTTP/1.1" 200 16060 "http://adminer.domain.com/?server=mysql" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" - 172.18.0.8:80 "adminer.domain.com" 0.002 twaf_policy_conf e88a995f3eb5578dc57641357c1d1f25 -
10.0.0.1 - - [04/Jun/2022:16:00:52 +0800] "GET /adminer.css?v=3237994901 HTTP/1.1" 200 16060 "http://adminer.domain.com/adminer.css?v=3237994901" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" - 172.18.0.8:80 "adminer.domain.com" 0.002 twaf_policy_conf 8794a7e71aaf89e44700b5e657058c7d -

以下为ab日志:

☁  ~  ab -n 50 -c 8 http://adminer.domain.com/
This is ApacheBench, Version 2.3 <$Revision: 1879490 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking adminer.domain.com (be patient).....done


Server Software:
Server Hostname:        adminer.domain.com
Server Port:            80

Document Path:          /
Document Length:        4503 bytes

Concurrency Level:      8
Time taken for tests:   0.836 seconds
Complete requests:      50
Failed requests:        9
   (Connect: 0, Receive: 0, Length: 9, Exceptions: 0)
Total transferred:      263644 bytes
HTML transferred:       225144 bytes
Requests per second:    59.84 [#/sec] (mean)
Time per request:       133.696 [ms] (mean)
Time per request:       16.712 [ms] (mean, across all concurrent requests)
Transfer rate:          308.12 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    0   0.3      0       1
Processing:    23  121  30.6    124     168
Waiting:       22  120  30.6    123     167
Total:         23  121  30.5    124     170

Percentage of the requests served within a certain time (ms)
  50%    124
  66%    129
  75%    132
  80%    134
  90%    158
  95%    163
  98%    170
  99%    170
 100%    170 (longest request)

from openwaf.

lesvere avatar lesvere commented on May 26, 2024

我竟然产生了,放到生产去跑的想法。罪过。

from openwaf.

lesvere avatar lesvere commented on May 26, 2024

nginx -s reload pid飞了。

from openwaf.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.