-3

I have a Centos7 server with nginx and google pagespeed. I wanted to clear pagespeed cache for a reason but i saw lots of chinese site caches in my pagespeed cache folder like baidu.com, ly.com, oray.com etc. and also there are folders like "rname", "prop_page".
I have no idea how these folders created. I was getting brute force attacks from china to my SSH but they stopped when I changed the ssh port.
What should I do now?

EDIT: I've found the answer here: https://groups.google.com/forum/#!topic/mod-pagespeed-discuss/zWgCfnAQIkE

Rasko
  • 1
  • 1
  • 7
    You asked "Did I get hacked" in the title of your question. The question @DeerHunter linked to is the canonical answer to that question. Also, it would be only fair if you take the time to write a real answer to your own question, not just an edit with a link and explain what you found out. – Sven Dec 22 '14 at 12:31

1 Answers1

3

For the sake of it being documented, the answer is that it's referrer spam. mod_pagespeed looks at the Host: header of requests to cache, so if a client sends a bad Host header it'll be passed along to the module.

Nathan C
  • 14,901
  • 4
  • 42
  • 62