fix：ffuf并发问题

调整日志级别
chore: bump version to v1.1.13
2026-01-31 11:46:16 +08:00 · 2025-12-25 18:02:25 +08:00 · 2025-12-25 17:44:31 +08:00 · 2025-12-25 08:29:39 +00:00 · 2025-12-25 16:21:32 +08:00 · 2025-12-25 16:18:46 +08:00
7 changed files with 23 additions and 20 deletions
--- a/README.md
+++ b/README.md
@@ -181,7 +181,7 @@ sudo ./install.sh

 ### 访问服务

- **Web 界面**: `https://localhost` 
+- **Web 界面**: `https://ip:8083` 

 ### 常用命令

--- a/2
+++ b/2
@@ -1 +1 @@
-v1.1.11
+v1.1.13
--- a/backend/apps/engine/services/task_distributor.py
+++ b/backend/apps/engine/services/task_distributor.py
@@ -251,9 +251,7 @@ class TaskDistributor:
            "-e PREFECT_SERVER_EPHEMERAL_ENABLED=true",  # 启用 ephemeral server（本地临时服务器）
            "-e PREFECT_SERVER_EPHEMERAL_STARTUP_TIMEOUT_SECONDS=120",  # 增加启动超时时间
            "-e PREFECT_SERVER_DATABASE_CONNECTION_URL=sqlite+aiosqlite:////tmp/.prefect/prefect.db",  # 使用 /tmp 下的 SQLite
-            "-e PREFECT_LOGGING_LEVEL=DEBUG",  # 启用 DEBUG 级别日志
-            "-e PREFECT_LOGGING_SERVER_LEVEL=DEBUG",  # Server 日志级别
-            "-e PREFECT_DEBUG_MODE=true",  # 启用调试模式
+            "-e PREFECT_LOGGING_LEVEL=WARNING",  # 日志级别（减少 DEBUG 噪音）
        ]
        
        # 挂载卷
--- a/backend/apps/scan/flows/directory_scan_flow.py
+++ b/backend/apps/scan/flows/directory_scan_flow.py
@@ -483,13 +483,23 @@ def _run_scans_concurrently(
            logger.warning("没有有效的扫描任务")
            continue
        
-        # 使用 ThreadPoolTaskRunner 并发执行
-        logger.info("开始并发提交 %d 个扫描任务...", len(scan_params_list))
+        # ============================================================
+        # 分批执行策略：控制实际并发的 ffuf 进程数
+        # ============================================================
+        total_tasks = len(scan_params_list)
+        logger.info("开始分批执行 %d 个扫描任务（每批 %d 个）...", total_tasks, max_workers)
        
-        with ThreadPoolTaskRunner(max_workers=max_workers) as task_runner:
-            # 提交所有任务
+        batch_num = 0
+        for batch_start in range(0, total_tasks, max_workers):
+            batch_end = min(batch_start + max_workers, total_tasks)
+            batch_params = scan_params_list[batch_start:batch_end]
+            batch_num += 1
+            
+            logger.info("执行第 %d 批任务（%d-%d/%d）...", batch_num, batch_start + 1, batch_end, total_tasks)
+            
+            # 提交当前批次的任务（非阻塞，立即返回 future）
            futures = []
-            for params in scan_params_list:
+            for params in batch_params:
                future = run_and_stream_save_directories_task.submit(
                    cmd=params['command'],
                    tool_name=tool_name,
@@ -504,12 +514,10 @@ def _run_scans_concurrently(
                )
                futures.append((params['idx'], params['site_url'], future))
            
-            logger.info("✓ 已提交 %d 个扫描任务，等待完成...", len(futures))
-            
-            # 等待所有任务完成并聚合结果
+            # 等待当前批次所有任务完成（阻塞，确保本批完成后再启动下一批）
            for idx, site_url, future in futures:
                try:
-                    result = future.result()
+                    result = future.result()  # 阻塞等待单个任务完成
                    directories_found = result.get('created_directories', 0)
                    total_directories += directories_found
                    processed_sites_count += 1
@@ -521,7 +529,6 @@ def _run_scans_concurrently(
                    
                except Exception as exc:
                    failed_sites.append(site_url)
-                    # 判断是否为超时异常
                    if 'timeout' in str(exc).lower() or isinstance(exc, subprocess.TimeoutExpired):
                        logger.warning(
                            "⚠️ [%d/%d] 站点扫描超时: %s - 错误: %s",
--- a/backend/apps/scan/utils/wordlist_helpers.py
+++ b/backend/apps/scan/utils/wordlist_helpers.py
@@ -83,7 +83,8 @@ def ensure_wordlist_local(wordlist_name: str) -> str:
                "无法确定 Django API 地址：请配置 SERVER_URL 或 PUBLIC_HOST 环境变量"
            )
        # 远程 Worker 通过 nginx HTTPS 访问，不再直连 8888
-        api_base = f"https://{public_host}/api"
+        public_port = getattr(settings, 'PUBLIC_PORT', '8083')
+        api_base = f"https://{public_host}:{public_port}/api"
    query = urllib_parse.urlencode({'wordlist': wordlist_name})
    download_url = f"{api_base.rstrip('/')}/wordlists/download/?{query}"

--- a/docs/quick-start.md
+++ b/docs/quick-start.md
@@ -60,11 +60,9 @@ sudo ./install.sh --no-frontend
 #### 必须放行的端口
 ```
 8083  - HTTPS 访问（主要访问端口）
-3000  - 前端服务（开发模式）
 5432  - PostgreSQL（如使用本地数据库）
 6379  - Redis 缓存
 ```
-> 后端 API 默认仅在容器内 8888 监听，由 nginx 反代到 8083，对公网无需放行 8888。

 #### 推荐方案
 - **国外 VPS**：如 Vultr、DigitalOcean、Linode 等，默认开放所有端口，无需额外配置
--- a/install.sh
+++ b/install.sh
@@ -212,8 +212,7 @@ show_summary() {
    fi
    
    echo -e "${GREEN}访问地址：${RESET}"
-    printf "   %-16s %s\n" "XingRin:" "https://${ACCESS_HOST}/"
-    echo -e "   ${YELLOW}(HTTP 会自动跳转到 HTTPS)${RESET}"
+    printf "   %-16s %s\n" "XingRin:" "https://${ACCESS_HOST}:8083/"
    echo
    
    echo -e "${YELLOW}默认登录账号：${RESET}"
Author	SHA1	Message	Date
yyhuni	766f045904	fix：ffuf并发问题	2025-12-25 18:02:25 +08:00
yyhuni	8acfe1cc33	调整日志级别	2025-12-25 17:44:31 +08:00
github-actions[bot]	7aec3eabb2	chore: bump version to v1.1.13	2025-12-25 08:29:39 +00:00
yyhuni	b1f11c36a4	fix：字典下载端口	2025-12-25 16:21:32 +08:00
yyhuni	d97fb5245a	修复：提示	2025-12-25 16:18:46 +08:00
github-actions[bot]	ddf9a1f5a4	chore: bump version to v1.1.12	2025-12-25 08:10:57 +00:00
yyhuni	47f9f96a4b	更新文档	2025-12-25 16:07:30 +08:00
yyhuni	6f43e73162	readme up	2025-12-25 16:06:01 +08:00