logo NodeSeekbeta

有没有人遇到过CloudFlare源服务器上报http: TLS handshake error from错误的问题?

我在源服务器搭建了HTTPS网站,证书用的是Cloudflare签名的免费TLS证书。CloudFlare开启DNS代理,并将SSL/TLS设置为“完全(严格)”模式。

我自己访问这个网站是完全符合预期的,也就是说 客户端->CF服务器->源服务器 这条链路上的TLS握手环节都是成功的。看了CloudFlare“分析和日志”里的统计信息,除了我自己的访问行为外,没有别的异常流量。

异常的是:我的源服务器日志上会多出很多"http: TLS handshake error from <ip_address>: EOF"报错,报错的时间点也并不是我访问的时间点,看上去就像是有人在攻击,但我看了这些访问IP都来自于CloudFlare服务器。

有谁知道这是怎么回事吗?

2024/02/11 10:36:53 server.go:3413: http: TLS handshake error from [2400:cb00:469:1024::ac47:5947]:12727: EOF
2024/02/11 10:36:53 server.go:3413: http: TLS handshake error from [2400:cb00:469:1024::ac47:5947]:54329: EOF
2024/02/11 10:36:55 server.go:3413: http: TLS handshake error from [2400:cb00:469:1024::ac47:5947]:42935: EOF
2024/02/11 10:37:05 server.go:3413: http: TLS handshake error from [2400:cb00:305:1024::ac45:d248]:53337: EOF
2024/02/11 10:37:06 server.go:3413: http: TLS handshake error from [2400:cb00:305:1024::ac45:d248]:36991: EOF
2024/02/11 10:37:06 server.go:3413: http: TLS handshake error from [2400:cb00:305:1024::ac45:d248]:29523: EOF
2024/02/11 10:37:06 server.go:3413: http: TLS handshake error from [2400:cb00:305:1024::ac45:d248]:47401: EOF
2024/02/11 10:37:07 server.go:3413: http: TLS handshake error from [2400:cb00:305:1024::ac45:d248]:40665: EOF
2024/02/11 10:37:15 server.go:3413: http: TLS handshake error from [2400:cb00:391:1024::ac46:8b46]:54657: EOF
2024/02/11 10:37:16 server.go:3413: http: TLS handshake error from [2400:cb00:391:1024::ac46:8b46]:41155: EOF
2024/02/11 10:37:16 server.go:3413: http: TLS handshake error from [2400:cb00:391:1024::ac46:8b46]:58511: EOF
2024/02/11 10:37:16 server.go:3413: http: TLS handshake error from [2400:cb00:391:1024::ac46:8b46]:20965: EOF
2024/02/11 10:37:17 server.go:3413: http: TLS handshake error from [2400:cb00:391:1024::ac46:8b46]:27445: EOF
2024/02/11 10:38:04 server.go:3413: http: TLS handshake error from [2400:cb00:423:1024::ac46:9a46]:22891: EOF
2024/02/11 10:38:05 server.go:3413: http: TLS handshake error from [2400:cb00:423:1024::ac46:9a46]:17567: EOF
2024/02/11 10:38:05 server.go:3413: http: TLS handshake error from [2400:cb00:423:1024::ac46:9a46]:63083: EOF
2024/02/11 10:38:05 server.go:3413: http: TLS handshake error from [2400:cb00:423:1024::ac46:9a46]:50909: EOF
2024/02/11 10:38:06 server.go:3413: http: TLS handshake error from [2400:cb00:423:1024::ac46:9a46]:17105: EOF
2024/02/11 10:43:03 server.go:3413: http: TLS handshake error from [2400:cb00:433:1024::ac46:c245]:54361: EOF
2024/02/11 10:43:04 server.go:3413: http: TLS handshake error from [2400:cb00:433:1024::ac46:c245]:58749: EOF
2024/02/11 10:43:04 server.go:3413: http: TLS handshake error from [2400:cb00:433:1024::ac46:c245]:30525: EOF
2024/02/11 10:43:04 server.go:3413: http: TLS handshake error from [2400:cb00:433:1024::ac46:c245]:39917: EOF
2024/02/11 10:43:05 server.go:3413: http: TLS handshake error from [2400:cb00:433:1024::ac46:c245]:30127: EOF
2024/02/11 10:43:33 server.go:3413: http: TLS handshake error from [2400:cb00:676:1024::ac45:494a]:26425: EOF
2024/02/11 10:43:33 server.go:3413: http: TLS handshake error from [2400:cb00:676:1024::ac45:494a]:52483: EOF
2024/02/11 10:43:33 server.go:3413: http: TLS handshake error from [2400:cb00:676:1024::ac45:494a]:37997: EOF
2024/02/11 10:43:33 server.go:3413: http: TLS handshake error from [2400:cb00:676:1024::ac45:494a]:11451: EOF
2024/02/11 10:43:33 server.go:3413: http: TLS handshake error from [2400:cb00:676:1024::ac45:494a]:27199: EOF
2024/02/11 10:45:24 server.go:3413: http: TLS handshake error from [2400:cb00:393:1024::ac46:6547]:55019: EOF
2024/02/11 10:45:24 server.go:3413: http: TLS handshake error from [2400:cb00:393:1024::ac46:6547]:45059: EOF
2024/02/11 10:45:25 server.go:3413: http: TLS handshake error from [2400:cb00:393:1024::ac46:6547]:14553: EOF
2024/02/11 10:45:25 server.go:3413: http: TLS handshake error from [2400:cb00:393:1024::ac46:6547]:13471: EOF
2024/02/11 10:45:25 server.go:3413: http: TLS handshake error from [2400:cb00:393:1024::ac46:6547]:58193: EOF
2024/02/11 10:46:49 server.go:3413: http: TLS handshake error from [2400:cb00:105:1024::ac44:7889]:27235: EOF
2024/02/11 10:46:50 server.go:3413: http: TLS handshake error from [2400:cb00:105:1024::ac44:7889]:59833: EOF
2024/02/11 10:46:51 server.go:3413: http: TLS handshake error from [2400:cb00:105:1024::ac44:7889]:51705: EOF

更新

我修改了子域名,报错立即停止,但过了两天又偶发地出现了一次。源服务器看到的现象是:TCP连接建立成功后,没有接收任何数据直接EOF。感觉应该就是某种扫描式攻击

  • 能用就不管, Cloudflare 扫描源站吧, 安全扫描啥的我忘了()

  • 试试强制https访问 xhj009

  • 能用就别看 只要各项功能正常就行了

  • 是这样的。我怀疑是他的证书链有问题!

你好啊,陌生人!

我的朋友,看起来你是新来的,如果想参与到讨论中,点击下面的按钮!

📈用户数目📈

目前论坛共有12778位seeker

🎉欢迎新用户🎉