The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

127.0.0.1 host.name.com GET / HTTP/1.0

Discussion in 'General Discussion' started by aisagtr, Jan 19, 2008.

  1. aisagtr

    aisagtr Guest

    Until recently, we have never seen anything under Apache status until we upgraded to Apache 2.0

    Are we being DDOS by our own host machine? Any ideas?

    Under cPanel's Apache Status, we see tons of :

    - 0/0/1913 . 0.00 23 0 0.0 0.00 12.69 127.0.0.1 host.server.com HTTP/1.0
    - 0/0/1913 . 0.00 23 0 0.0 0.00 12.69 127.0.0.1 host.server.com HTTP/1.0
    - 0/0/1913 . 0.00 23 0 0.0 0.00 12.69 127.0.0.1 host.server.com HTTP/1.0
    - 0/0/1913 . 0.00 23 0 0.0 0.00 12.69 127.0.0.1 host.server.com HTTP/1.0
    - 0/0/1913 . 0.00 23 0 0.0 0.00 12.69 127.0.0.1 host.server.com HTTP/1.0
    - 0/0/1913 . 0.00 23 0 0.0 0.00 12.69 127.0.0.1 host.server.com HTTP/1.0
    - 0/0/1913 . 0.00 23 0 0.0 0.00 12.69 127.0.0.1 host.server.com HTTP/1.0
    - 0/0/1913 . 0.00 23 0 0.0 0.00 12.69 127.0.0.1 host.server.com HTTP/1.0
    - 0/0/1913 . 0.00 23 0 0.0 0.00 12.69 127.0.0.1 host.server.com HTTP/1.0

    We are using Apache 2 with the following config:

    WHM 11.15.0 cPanel 11.17.0-R19434
    CENTOS Enterprise 4.6 i686 on virtuozzo - WHM X v3.1.0
     
  2. lynnette

    lynnette Member

    Joined:
    Mar 27, 2004
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Noticed the same thing on ours and was wondering what it is.
     
  3. thewird

    thewird Well-Known Member

    Joined:
    Jan 4, 2006
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Toronto
    It's you accessing Apache Status.

    thewird
     
  4. aisagtr

    aisagtr Guest

    Nop, dont thin so.

    If I were to access the apache's status, it would also show up my IP addresses.

    Also, under /var/log/messages, I am getting tons of connections for FTP as follows, now host ftping to itself?

    Jan 20 02:33:04 xtreme syslogd 1.4.1: restart.
    Jan 20 02:41:03 xtreme pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Jan 20 02:41:03 xtreme pure-ftpd: (?@127.0.0.1) [INFO] Logout.
    Jan 20 02:49:26 xtreme pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Jan 20 02:49:26 xtreme pure-ftpd: (?@127.0.0.1) [INFO] Logout.
    Jan 20 02:57:49 xtreme pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Jan 20 02:57:49 xtreme pure-ftpd: (?@127.0.0.1) [INFO] Logout.
    Jan 20 03:06:14 xtreme pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Jan 20 03:06:14 xtreme pure-ftpd: (?@127.0.0.1) [INFO] Logout.
    Jan 20 03:14:36 xtreme pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Jan 20 03:14:36 xtreme pure-ftpd: (?@127.0.0.1) [INFO] Logout.
    Jan 20 03:22:59 xtreme pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Jan 20 03:22:59 xtreme pure-ftpd: (?@127.0.0.1) [INFO] Logout.
    Jan 20 03:31:21 xtreme pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Jan 20 03:31:21 xtreme pure-ftpd: (?@127.0.0.1) [INFO] Logout.
    Jan 20 03:39:43 xtreme pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
     
  5. thewird

    thewird Well-Known Member

    Joined:
    Jan 4, 2006
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Toronto
    FTP is unrelated to apache but I still think nothing is going on.

    And no it wouldn't show your IP address if you access it from WHM. Also, I think the FTP thing is WHM's chkservd.

    thewird
     
  6. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Notice the timestamps are roughly 8 minutes apart. Eight minutes is the interval at which cpsrvd checks services.
     
  7. 7Com

    7Com Registered

    Joined:
    Sep 9, 2003
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hi,

    How to solve this???

    29-0 - 0/0/15 . 0.56 1438 0 0.0 0.00 0.05 127.0.0.1 my.hostname.com GET / HTTP/1.0
    30-0 - 0/0/2 . 0.11 1604 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    31-0 - 0/0/12 . 0.09 1632 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    32-0 - 0/0/2 . 0.11 1601 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    33-0 - 0/0/8 . 0.13 1633 0 0.0 0.00 0.03 127.0.0.1 my.hostname.com GET / HTTP/1.0
    34-0 - 0/0/16 . 0.08 1547 0 0.0 0.00 0.15 127.0.0.1 my.hostname.com GET / HTTP/1.0
    35-0 - 0/0/30 . 0.62 1419 0 0.0 0.00 0.05 127.0.0.1 my.hostname.com GET / HTTP/1.0
    36-0 - 0/0/10 . 0.44 1518 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    37-0 - 0/0/3 . 0.03 1657 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    38-0 - 0/0/7 . 0.41 1514 0 0.0 0.00 0.02 127.0.0.1 my.hostname.com GET / HTTP/1.0
    39-0 - 0/0/10 . 0.63 1479 0 0.0 0.00 0.07 127.0.0.1 my.hostname.com GET / HTTP/1.0
    40-0 - 0/0/11 . 0.98 1481 0 0.0 0.00 0.07 127.0.0.1 my.hostname.com GET / HTTP/1.0
    41-0 - 0/0/17 . 0.53 1433 0 0.0 0.00 0.20 127.0.0.1 my.hostname.com GET / HTTP/1.0
    42-0 - 0/0/7 . 0.87 1513 0 0.0 0.00 4.23 127.0.0.1 my.hostname.com GET / HTTP/1.0
    43-0 - 0/0/14 . 0.93 1443 0 0.0 0.00 0.09 127.0.0.1 my.hostname.com GET / HTTP/1.0
    44-0 - 0/0/2 . 0.14 1595 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    45-0 - 0/0/9 . 0.38 1509 0 0.0 0.00 0.23 127.0.0.1 my.hostname.com GET / HTTP/1.0
    46-0 - 0/0/20 . 0.48 1447 0 0.0 0.00 0.08 127.0.0.1 my.hostname.com GET / HTTP/1.0
    47-0 - 0/0/2 . 0.07 1619 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    48-0 - 0/0/15 . 0.16 1428 0 0.0 0.00 0.21 127.0.0.1 my.hostname.com GET / HTTP/1.0
    49-0 - 0/0/3 . 0.03 1585 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    50-0 - 0/0/7 . 0.15 1529 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    51-0 - 0/0/4 . 0.09 1618 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    52-0 - 0/0/9 . 0.05 1527 0 0.0 0.00 0.15 127.0.0.1 my.hostname.com GET / HTTP/1.0
    53-0 - 0/0/16 . 1.08 1432 0 0.0 0.00 0.04 127.0.0.1 my.hostname.com GET / HTTP/1.0
    54-0 - 0/0/5 . 0.05 1596 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    55-0 - 0/0/12 . 0.54 1462 0 0.0 0.00 0.02 127.0.0.1 my.hostname.com GET / HTTP/1.0
    56-0 - 0/0/4 . 0.14 1592 0 0.0 0.00 0.11 127.0.0.1 my.hostname.com GET / HTTP/1.0
    57-0 - 0/0/3 . 0.06 1655 1 0.0 0.00 0.02 124.13.98.9 gamelife-e.com GET /img/title.jpg HTTP/1.1
    58-0 - 0/0/13 . 0.16 1536 0 0.0 0.00 0.07 127.0.0.1 my.hostname.com GET / HTTP/1.0
    59-0 - 0/0/8 . 0.48 1498 0 0.0 0.00 0.06 127.0.0.1 my.hostname.com GET / HTTP/1.0
    60-0 - 0/0/3 . 0.03 1597 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    61-0 - 0/0/11 . 0.12 1503 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    62-0 - 0/0/5 . 0.12 1563 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    63-0 - 0/0/8 . 0.30 1499 0 0.0 0.00 0.02 127.0.0.1 my.hostname.com GET / HTTP/1.0
    64-0 - 0/0/2 . 0.13 1593 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    65-0 - 0/0/12 . 0.13 1617 0 0.0 0.00 0.02 127.0.0.1 my.hostname.com GET / HTTP/1.0
    66-0 - 0/0/11 . 0.22 1473 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    67-0 - 0/0/5 . 0.13 1566 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    68-0 - 0/0/11 . 1.13 1472 0 0.0 0.00 0.08 127.0.0.1 my.hostname.com GET / HTTP/1.0
    69-0 - 0/0/12 . 0.32 1469 0 0.0 0.00 0.14 127.0.0.1 my.hostname.com GET / HTTP/1.0
    70-0 - 0/0/16 . 0.31 1492 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    71-0 - 0/0/18 . 0.14 1459 0 0.0 0.00 0.03 127.0.0.1 my.hostname.com GET / HTTP/1.0
    72-0 - 0/0/14 . 0.68 1484 0 0.0 0.00 0.03 127.0.0.1 my.hostname.com GET / HTTP/1.0
    73-0 - 0/0/11 . 0.93 1497 0 0.0 0.00 0.10 127.0.0.1 my.hostname.com GET / HTTP/1.0
    74-0 - 0/0/3 . 0.04 1598 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    75-0 - 0/0/13 . 0.62 1460 0 0.0 0.00 0.14 127.0.0.1 my.hostname.com GET / HTTP/1.0
    76-0 - 0/0/6 . 0.08 1580 0 0.0 0.00 4.23 127.0.0.1 my.hostname.com GET / HTTP/1.0
    77-0 - 0/0/13 . 0.59 1448 0 0.0 0.00 0.08 127.0.0.1 my.hostname.com GET / HTTP/1.0
    78-0 - 0/0/17 . 0.79 1445 0 0.0 0.00 0.05 127.0.0.1 my.hostname.com GET / HTTP/1.0
    79-0 - 0/0/5 . 0.02 1589 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    80-0 - 0/0/18 . 0.14 1437 0 0.0 0.00 8.04 127.0.0.1 my.hostname.com GET / HTTP/1.0
    81-0 - 0/0/41 . 3.56 949 0 0.0 0.00 0.23 127.0.0.1 my.hostname.com GET / HTTP/1.0
    82-0 - 0/0/4 . 0.06 1606 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    83-0 - 0/0/5 . 0.15 1562 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    84-0 - 0/0/6 . 0.02 1586 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    85-0 - 0/0/3 . 0.02 1653 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    86-0 - 0/0/2 . 0.07 1616 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    87-0 - 0/0/2 . 0.01 1654 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    88-0 - 0/0/8 . 0.43 1525 0 0.0 0.00 0.13 127.0.0.1 my.hostname.com GET / HTTP/1.0
    89-0 - 0/0/13 . 0.75 1478 0 0.0 0.00 0.19 127.0.0.1 my.hostname.com GET / HTTP/1.0
    90-0 - 0/0/10 . 0.11 1648 0 0.0 0.00 3.47 127.0.0.1 my.hostname.com GET / HTTP/1.0
    91-0 - 0/0/5 . 0.09 1651 0 0.0 0.00 0.12 127.0.0.1 my.hostname.com GET / HTTP/1.0
    92-0 - 0/0/16 . 0.39 1456 0 0.0 0.00 0.13 127.0.0.1 my.hostname.com GET / HTTP/1.0
    93-0 - 0/0/16 . 0.13 1454 0 0.0 0.00 0.14 127.0.0.1 my.hostname.com GET / HTTP/1.0
    94-0 - 0/0/2 . 0.11 1615 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    95-0 - 0/0/10 . 0.64 1474 0 0.0 0.00 0.05 127.0.0.1 my.hostname.com GET / HTTP/1.0
    96-0 - 0/0/2 . 0.03 1645 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    97-0 - 0/0/13 . 0.26 1452 0 0.0 0.00 0.13 127.0.0.1 my.hostname.com GET / HTTP/1.0
    98-0 - 0/0/3 . 0.06 1570 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    99-0 - 0/0/2 . 0.02 1652 0 0.0 0.00 0.00 127.0.0.1 my.hostname.com GET / HTTP/1.0
    100-0 - 0/0/6 . 0.15 1531 0 0.0 0.00 0.11 127.0.0.1 my.hostname.com GET / HTTP/1.0
    101-0 - 0/0/3 . 0.11 1614 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    102-0 - 0/0/5 . 0.13 1600 0 0.0 0.00 0.12 127.0.0.1 my.hostname.com GET / HTTP/1.0
    103-0 - 0/0/12 . 0.66 1467 0 0.0 0.00 0.02 127.0.0.1 my.hostname.com GET / HTTP/1.0
    104-0 - 0/0/6 . 0.71 1506 0 0.0 0.00 0.01 127.0.0.1 my.hostname.com GET / HTTP/1.0
    105-0 - 0/0/14 . 0.12 1612 0 0.0 0.00 0.22 127.0.0.1 my.hostname.com GET / HTTP/1.0
    106-0 - 0/0/16 . 1.16 1440 0 0.0 0.00 0.10 127.0.0.1 my.hostname.com GET / HTTP/1.0
    107-0 - 0/0/12 . 0.16 1569 0 0.0 0.00 3.42 127.0.0.1 my.hostname.com GET / HTTP/1.0
    108-0 - 0/0/10 . 0.09 1546 0 0.0 0.00 0.03 127.0.0.1 my.hostname.com GET / HTTP/1.0
    109-0 - 0/0/19 . 0.49 1475 0 0.0 0.00 0.23 127.0.0.1 my.hostname.com GET / HTTP/1.0
    110-0 - 0/0/5 . 0.07 1650 0 0.0 0.00 0.05 127.0.0.1 my.hostname.com GET / HTTP/1.0

    Too many request...
     
  8. thewird

    thewird Well-Known Member

    Joined:
    Jan 4, 2006
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Toronto
    You can't solve it and its not a problem either. Notice the "-", that means its not an active request (it happened in the past and has been closed). All that is, is CPanel checking if apache is online WHICH IS A GOOD THING.

    thewird
     
  9. s.a.

    s.a. Active Member
    PartnerNOC

    Joined:
    Aug 16, 2007
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Toronto, Canada
    It's not like this is some big issue, but on couple of my servers instead of "GET /" it shows "OPTIONS *":

    45-37 - 0/0/4643 . 2.64 539 0 0.0 0.00 69.18 127.0.0.1 my.hostname.com OPTIONS * HTTP/1.0
    46-37 - 0/0/5643 . 1.22 528 0 0.0 0.00 100.38 127.0.0.1 my.hostname.com OPTIONS * HTTP/1.0
    47-37 - 0/0/5971 . 1.06 537 0 0.0 0.00 78.97 127.0.0.1 my.hostname.com OPTIONS * HTTP/1.0
    48-37 - 0/0/3982 . 2.52 460 0 0.0 0.00 56.54 127.0.0.1 my.hostname.com OPTIONS * HTTP/1.0
    49-37 - 0/0/3904 . 0.61 504 0 0.0 0.00 66.25 127.0.0.1 my.hostname.com OPTIONS * HTTP/1.0
    50-37 - 0/0/3484 . 3.65 590 0 0.0 0.00 86.02 127.0.0.1 my.hostname.com OPTIONS * HTTP/1.0
    51-37 - 0/0/3924 . 2.06 510 0 0.0 0.00 52.81 127.0.0.1 my.hostname.com OPTIONS * HTTP/1.0
    52-37 - 0/0/3689 . 0.00 587 0 0.0 0.00 97.75 127.0.0.1 my.hostname.com OPTIONS * HTTP/1.0

    Running Apache 2.2
    Did anyone notice anything similar?
     
  10. thewird

    thewird Well-Known Member

    Joined:
    Jan 4, 2006
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Toronto
    Anything coming from localhost (127.0.0.1), just ignore.

    thewird
     
  11. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    OKAY THEN, so how do I filter this out from showing up in /usr/local/apache/logs/access_log ???

    I use the access_log for a lot of our security work here, and would rather these particular 127.0.0.1 entries be omitted, but how?

    Thanks for anything on this one.
     
  12. troxalias

    troxalias Well-Known Member

    Joined:
    Nov 21, 2001
    Messages:
    96
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Athens - Greece
    Code:
    grep -v 127.0.0.1 /usr/local/apache/logs/access_log > /tmp/access_log_no_localhost 
    The above command will do the trick.
     
  13. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    I tried inserting the following right below the LogFormat stuff in the http.conf file, but it did not work:

    SetEnvIf Request_URI 127.0.0.1 exclude_from_log
    CustomLog /usr/local/apache/logs/access_log common env=!exclude_from_log


    Also tried:

    SetEnvIf Referer 127.0.0.1 exclude_from_log
    CustomLog /usr/local/apache/logs/access_log common env=!exclude_from_log


    But no-go.
     
  14. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Thanks but this does not quite work for me.

    I can see that the above creates an alternate file without the 127.0.0.1 entries, but I need to run scripts like the following every minute (via a cron), and I would prefer not to have to create a tmp file first:


    ---------------

    #bin/bash
    d=0
    for i in `tail -200 /usr/local/apache/logs/access_log | awk '/\.php?/ {print $1}'`
    do
    if [ $i ]
    then
    if [ $d != $i ]
    then
    /etc/csf/csf.pl -d $i phptest
    d=$i
    fi
    fi
    done
     
  15. vikins

    vikins Well-Known Member

    Joined:
    Oct 3, 2006
    Messages:
    93
    Likes Received:
    1
    Trophy Points:
    8
    Yes, this is exactly what I'm seeing to on my Apache 2.2.8 that I just built:

    Server Version: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635

    WHM 11.15.0 cPanel 11.18.1-R20683
    CENTOS Enterprise 4.6 i686 on virtuozzo - WHM X v3.1.0


    Doesn't happen on my Apache 1.3.x:

    Server Version: Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a PHP-CGI/0.1b

    WHM 11.15.0 cPanel 11.18.1-R20683
    CENTOS Enterprise 3.9 i686 on virtuozzo - WHM X v3.1.0


    Like some people have said, they get like 90 of these "OPTIONS" entries. I don't have that many, but it is a nearly unused VPS at this point. I think *something* is up, but it might not be malicious. And again, this seems to be specific to at least Apche 2.x and maybe only 2.2.x?
     
  16. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    And again, I just want to know how to filter out these (meaningless) entries from the general apache access log.

    Do any of the experts here know how to change the httpd.conf file so that this can be done?
     
  17. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Okay solved it.

    For anyone interested in this, here's what I did:

    1 -- Backed up the httpd.conf file.

    2 -- Pico-ed into the httpd.conf file and scrolled down to the LogFormat section.

    3 -- You will see a section that starts with this:

    <IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    CustomLog logs/access_log common

    Just change the CustomLog line, and enter a new line just above it. So your final will look like this:


    <IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    SetEnvIf Remote_Addr "127\.0\.0\.1" exclude_from_log
    CustomLog logs/access_log common env=!exclude_from_log



    4 -- Restart Apache and now you should see no such entires when tailing /usr/local/apache/logs/access_log

    Please note, that on one of our servers I had to use the following line instead, because the localhost entries were starting with ::1 rather than 127.0.0.1

    SetEnvIf Remote_Addr "\:\:1" exclude_from_log


    Also note ---> If you try this and it screws something up (it shouldn't), I take absolutely no responsibility. Again, be sure to backup your httpd.conf file before doing ANY work with this.
     
  18. vikins

    vikins Well-Known Member

    Joined:
    Oct 3, 2006
    Messages:
    93
    Likes Received:
    1
    Trophy Points:
    8
    I'm glad to solved your issue with not wanting to see the entries in your logs, but shouldn't the bigger issue here by figuring out why they exist in the first place?
     
  19. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    It's cPanel cpsrvd checking its own services, in this case, checking to see that Apache is still up.
     
  20. vikins

    vikins Well-Known Member

    Joined:
    Oct 3, 2006
    Messages:
    93
    Likes Received:
    1
    Trophy Points:
    8
    But these issues still confuse me:

    1. Each slot that you see in the status page is able to handle multiple requests. Why would cpsrvd's requests always be left behind instead of being cleared out and overwritten by new incoming requests for customer web pages? How can somebody have 90 or so of these hanging around never to get overwritten by a new requests?

    2. Why doesn't something similar happen on Apache 1.3.x?

    3. The "SS" column in the status page shows how many seconds have elapsed since the last request to that slot. For example, I have 9 "OPTIONS" slots all within a 10 second period. Why would cpsrvd check 9 times in 10 seconds?

    4. A cPanel rep has contributed to this thread and did not confirm what you said. He confirmed somebody else's log showing cpsrvd checking FTP services every 8 mins. Go back and look, he wasn't talking about this issue.

    If you have a better thread link that explains better please pass it on. As of now, I still think it seems strange.

    Could a cPanel rep clear this up, if possible? :)

    Thank you!
     
Loading...

Share This Page