As the title says, static files can be accessed normally, but PHP is unresponsive
Looking at the nginx log, the same PHP URL is being requested in large numbers. Currently, there are 5 load balancers handling it, each of which receives millions of requests every day. , and the IP addresses are all different.
For the time being, we can only manually block the requested URL in the nginx configuration, but if the attacker changes the address, he will have to manually reconfigure it. Is there any good way to automatically prevent and block this attack?
目测需要购买安全防护。题主可以看看阿里云的云盾,腾讯云的大禹。
硬件防护,没接触过……
如果只是访问并不是实质cc攻击的,实质的cc攻击还需要这些主机还反复且间隔极短的请求这个页面,这才构成DDOS。而防护来说的话最好不要在Web服务器或者脚本程序里做防护(即使做也只能做简单防护),因为这也并不比处理页面所消耗的资源少多少。这种攻击最好交由专门的防火墙程序去防护,这样才是有效且高效的。