Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Answer information access_log scanning security

Discussion in 'Security' started by davidhan, Oct 6, 2014.

  1. davidhan

    davidhan Member

    Joined:
    Sep 18, 2014
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    technewonline
    cPanel Access Level:
    Website Owner
    Hi. everybody.
    Yesterday looking at access_log file at /etc/httpd/logs I found a ip address (that I blocked after this) trying a lot of server folders for example

    cgi-bin/
    cgi-sys/
    nessus/
    system/

    etc, etc. Its a server scanning, Is there a way to prevent this kind of things with a firewall rule or software? Most of the commands were blocked by mod_Security and others directly gave 404 error cause they dont exist.
    Also at access log sometimes appears /~user/ folders, like they are accessing using servername and user to see things. Do you recommend to disable ~ access ? Cause sometimes users use this when domains are not correctly propagated.

    All of this seems that is done using port 80 scanning. But I would like to know a method to block lammers from scanning servers and prevent bandwidth consumption.

    Thanks!
     
    #1 davidhan, Oct 6, 2014
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,040
    Likes Received:
    1,361
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    You can't really prevent anyone from trying to find exploits on your system, but you can implement tools such as Mod_Security and CSF to help block the attempts. You may also find the "Security Advisor" helpful for determining which settings to enable/disable:

    "WHM Home » Security Center » Security Advisor"

    Thank you.
     
    #2 cPanelMichael, Oct 6, 2014
(You must log in or sign up to post here.)
Loading...
Similar Threads - Answer information access_log
  1. uadm

    httpd.conf doesn't answer to host without www

    uadm, Aug 28, 2017, in forum: EasyApache
    Replies:
    4
    Views:
    66
    cPanelMichael
    Aug 28, 2017
  2. martin MHC

    How to uninstall a RPM correctly (answering a query).

    martin MHC, Aug 26, 2017, in forum: General Discussion
    Replies:
    4
    Views:
    81
    cPanelMichael
    Aug 30, 2017
  3. Masimo

    SOLVED httpd is up, but unable to answer requests

    Masimo, Jun 16, 2017, in forum: EasyApache
    Replies:
    4
    Views:
    204
    Masimo
    Jun 16, 2017
  4. hema sherb

    Failed to receive status information from Apache

    hema sherb, Sep 6, 2017, in forum: EasyApache
    Replies:
    3
    Views:
    77
    cPanelMichael
    Sep 6, 2017
  5. Rehan_1990

    Package Information

    Rehan_1990, Aug 17, 2017, in forum: General Discussion
    Replies:
    1
    Views:
    54
    cPanelMichael
    Aug 17, 2017

Share This Page