As the title says, static files can be accessed normally, but PHP is unresponsive
Looking at the nginx log, the same PHP URL is being requested in large numbers. Currently, there are 5 load balancers handling it, each of which receives millions of requests every day. , and the IP addresses are all different.
For the time being, we can only manually block the requested URL in the nginx configuration, but if the attacker changes the address, he will have to manually reconfigure it. Is there any good way to automatically prevent and block this attack?
Visual inspection requires purchasing safety protection. The questioner can take a look at Alibaba Cloud's Cloud Shield and Tencent Cloud's Dayu.
Hardware protection, never touched...
If just accessing it is not a real CC attack, a real CC attack also requires these hosts to request this page repeatedly and at very short intervals, which constitutes a DDOS. As for protection, it is best not to do protection in the web server or script program (even if you do, you can only do simple protection), because this is not much less than the resources consumed by processing the page. This kind of attack is best protected by a specialized firewall program, so that it can be effective and efficient.