记一次apache错误异常处理

服务器apache错误日志出现许多类似下面的问题：

script not found or unable to stat: /var/www/cgi-bin/test-cgi
script not found or unable to stat: /var/www/cgi-bin/test.sh
script not found or unable to stat: /var/www/cgi-bin/test-cgi.pl

发现httpd.conf中有部分这样配置：

    #
    # ScriptAlias: This controls which directories contain server scripts.
    # ScriptAliases are essentially the same as Aliases, except that
    # documents in the target directory are treated as applications and
    # run by the server when requested rather than as documents sent to the
    # client.  The same rules about trailing "/" apply to ScriptAlias
    # directives as to Alias.
    #
    ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

#
# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#

    AllowOverride None
    Options None
    Require all granted

然后百度搜索：ScriptAlias 和 cgi-bin 关键字，以及查看Apache手册 :

ScriptAlias 指令
说明  映射一个URL到文件系统并视之为CGI脚本
语法  ScriptAlias URL-path file-path|directory-path
作用域 server config, virtual host
状态  基本(B)
模块  mod_alias
ScriptAlias指令的行为与Alias指令相同，但同时它又标明此目录中含有应该由cgi-script处理器处理的CGI脚本。以URL-path开头的(%已解码的)的URL会被映射到由第二个参数指定的具有完整路径名的本地文件系统中的脚本。
示例：
ScriptAlias /cgi-bin/ /web/cgi-bin/
对http://myserver/cgi-bin/foo的请求会引导服务器执行/web/cgi-bin/foo脚本。

通过查看访问日志(access_log),分析出可能是有人恶意去拼这个地址

于是修改apache配置：

#ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

将这一行注释，禁止其映射到所有URL上