刚刚看到 apache 的日志里有好多本地请求 via OpenSSL，而我没有配置过 cron 或者类似的定时器，有没有谁有类似经历?

PS：服务器上我配置了 lets encrypt renew bot，fail2ban 应该和这个异常日志都没关系吧

81.139.18.17 - - [12/Oct/2017:11:04:25 +0800] "HEAD http://138.197.221.177:80/phpmyadmin2013/ HTTP/1.1" 404 194 "-" "Mozilla/5.0 Jorgee"
81.139.18.17 - - [12/Oct/2017:11:04:25 +0800] "HEAD http://138.197.221.177:80/phpmyadmin2014/ HTTP/1.1" 404 194 "-" "Mozilla/5.0 Jorgee"
81.139.18.17 - - [12/Oct/2017:11:04:25 +0800] "HEAD http://138.197.221.177:80/phpmyadmin2015/ HTTP/1.1" 404 159 "-" "Mozilla/5.0 Jorgee"
81.139.18.17 - - [12/Oct/2017:11:04:26 +0800] "HEAD http://138.197.221.177:80/phpmyadmin2017/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 Jorgee"
81.139.18.17 - - [12/Oct/2017:11:04:26 +0800] "HEAD http://138.197.221.177:80/phpmyadmin2018/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 Jorgee"
81.139.18.17 - - [12/Oct/2017:11:04:27 +0800] "HEAD http://138.197.221.177:80/phpmanager/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 Jorgee"
138.197.108.245 - - [12/Oct/2017:11:06:12 +0800] "HEAD /icons/apache_pb.gif HTTP/1.0" 200 250 "-" "Mozilla/5.0 (compatible; NetcraftSurveyAgent/1.0; [email protected])"
104.236.163.39 - - [12/Oct/2017:11:10:19 +0800] "GET / HTTP/1.1" 200 3469 "-" "Mozilla/5.0 zgrab/0.x"
177.221.104.214 - - [12/Oct/2017:11:58:16 +0800] "GET / HTTP/1.1" 200 11576 "-" "curl/7.17.1 (mips-unknown-linux-gnu) libcurl/7.17.1 OpenSSL/0.9.8i zlib/1.2.3"
211.22.218.77 - - [12/Oct/2017:12:31:15 +0800] "HEAD http://138.197.221.177:80 HTTP/1.1" 200 311 "-" "Mozilla/5.0 Jorgee"
211.22.218.77 - - [12/Oct/2017:12:31:15 +0800] "GET http://138.197.221.177:80 HTTP/1.0" 200 11595 "-" "Mozilla/5.0 Jorgee"
::1 - - [12/Oct/2017:13:00:26 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:00:27 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:00:28 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:00:29 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:00:30 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:00:31 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:00:32 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:28:03 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:31:44 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:31:45 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:31:46 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:37:12 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:37:13 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:37:14 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"
::1 - - [12/Oct/2017:13:37:15 +0800] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g (internal dummy connection)"

Google "internal dummy connection"

看着像网站扫描器，在扫描网站可能存在的后台管理的页面。

审题不清，还是看一楼吧

一般访问网站都不用 HEAD/OPTIONS 吧，反正我只要不是 GET 或 POST 访问的，都 BAN 了！

我的一个失误，这个本地的 option 操作是 apache 为了 keep alive 的一个措施~