I got two solutions from here: http://pjkh.com/articles/2007/03/15/nginx-and-cronolog/.
But I am not satisfied with the second solution because of some wrong placement with a few log records. I would like use this:
mv /var/log/nginx/access_log /var/log/nginx/access_log.processing -f;
mv /var/log/nginx/error_log /var/log/nginx/error_log.processing -f;
kill -USR1 `cat /usr/local/nginx/logs/nginx.pid`;
/usr/bin/perl /usr/local/awstats/wwwroot/cgi-bin/awstats.pl -LogFile=/var/log/nginx/access_log.processing -update
cat /var/log/nginx/access_log.processing | /usr/local/sbin/cronolog /var/log/nginx/%Y/%m/%d/access_log;
cat /var/log/nginx/error_log.processing | /usr/local/sbin/cronolog /var/log/nginx/%Y/%m/%d/error_log;
rm /var/log/nginx/access_log.processing /var/log/nginx/error_log.processing -f;
2008年是中国痛楚、坚强而又辉煌的一年。温总理的一句“多难兴邦”也许是对过去的一年最贴切的描述。汶川大地震、北京奥运会、南方大雪灾、金融风暴、电信重组,在2008年此起彼伏。
公司已经发展到了20多个人,开始慢慢步入正轨。但是一直想开展的新业务说了一整年仍然没有启动。在金融危机的寒冬里我仍然是在裸泳。
终于结束漫漫的升级“准备”过程,开始实施造人计划了。
买了一辆车,狠下决心把拖了近两年的驾照考完了,开始每天早起送老婆上班。
09年是孕育的一年。
进入coolplayer的后台设置页面:http://xxxx/wp-admin/options- general.php?page=coolplayer/options.php,将“RPC 服务器地址”设置为 http://rocky.blog.kingtch.com/wp-content/plugins/coolplayer/rpc.php 即可。
如果你想使用自己的rpc,可以从这里下载coolplayer- youtube-patch.zip,解压后将rpc.php覆盖原来目录/wp-content/plugins /coolplayer/下的rpc.php文件即可。
Coolcode is a cool plugin which is made by andot. Now it is not compatible with WP 2.6.5. Ifix it, and you can download new version from here.
When using POST method to request via Nginx 0.6.33 without any post body data, you may get this error: 411 Length Required.
Download nginx-0.6.33-length_required patch
Save the attachment and run this command in the root path of nginx 0.6.33 source code:
patch ./src/http/ngx_http_request.c<nginx-0_6_33-length_required.patch
Then "make && make install && sudo /sbin/service nginx restart" and enjoy your AJAX function.
除了告警敦促人工处理SYN、DoS攻击,可以将嫌疑犯先抓起来再说:
netstat -na | grep :80 |awk '{print $5}'|awk -F '::ffff:' '{print $2}' | grep ':' | awk -F: '{print $1}' | sort | uniq -c | sort -r | awk -F' ' '{if ($1 > 50) print $2}' | sed 's/^.*$/iptables -I RH-Firewall-1-INPUT 1 -p tcp -m tcp -s & --dport 80 --syn -j REJECT/' | sh
该脚本基于的基础是认为从一个IP过来的连接数过大(超过50个),则该IP可能在进行攻击。实际上可能误杀掉一些只能通过代理服务器访问的大公司用户,或者某些有点贪心的网络爬虫。可以在脚本中加入一些白名单以防止误杀,如:
netstat -na | grep :80 |awk '{print $5}'|awk -F '::ffff:' '{print $2}' | grep ':' | awk -F: '{print $1}' | sort | uniq -c | sort -r | awk -F' ' '{if ($1 > 50) print $2}' | grep -v xxx.xxx.xxx.xxx | sed 's/^.*$/iptables -I RH-Firewall-1-INPUT 1 -p tcp -m tcp -s & --dport 80 --syn -j REJECT/' | sh
定时启动的脚本:
df | grep “/var” | awk ‘{ print $5 }’ | awk -F”%” ‘{print $1}’ | awk ‘{ if ($1 > 90){print “alert.sh \”139xxxxxxxx\” \”insufficient disk space on /var. “,$1,”\”"} }’ | csh
ps -ef | grep httpd | grep -v cronolog | grep -v grep | grep -v root | wc -l | awk ‘{ if ($1 > 3000){print “alert.sh \”139xxxxxxxx\” \”apache process “, $1,”\”"} }’ | csh
echo ‘show processlist’ | mysql | grep -v Id | grep -v processlist | wc -l | awk ‘{ if ($1 > 3000){print “alert.sh \”139xxxxxxxx\” \”mysql process “, $1,”\”"} }’ | csh
alert.sh 脚本:
echo $2
echo -e “From:monitor<>\nReply-to:support <support.labs@etentec.com>\nSubject:$2\n\n$2\n.” | /usr/sbin/sendmail $1@139.com
#! /bin/bash
for
do
clear
date
echo -n ‘httpd process: ‘;ps -ef | grep httpd | grep -v cronolog | grep -v grep | grep -v root | wc -l
echo -n ‘http connection: ‘;netstat -an | grep :80 | grep ESTABLISHED | wc -l
echo -n ‘mysql process: ‘;echo ‘show processlist’ | mysql | grep -v Id | grep -v processlist | wc -l
echo -n ‘mysql connection: ‘;netstat -an | grep 3306 | grep ESTABLISHED | wc -l
echo ‘tcp connection stats:’;netstat -n | awk ‘/^tcp/ {++S[$NF]} END {for(a in S) print “ “,a, S[a]}’
echo ‘sorted ESTABLISHED connections: ‘;netstat -na|grep ESTABLISHED|awk ‘{print $5}’|awk -F: ‘{print $1}’|sort|uniq -c|sort -r +0n
echo ‘sorted SYN connections: ‘; netstat -na|grep SYN|awk ‘{print $5}’|awk -F: ‘{print $1}’|sort|uniq -c|sort -r +0n
sleep 5
done
1. 网站平面设计师。
2. 网站PHP开发工程师。
工作地点都在北京。
Import the attachment in the language option dialog of Source in sight. Passed for Source in Sight 3.50.
php-script.zip