The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Awstats: What is the meaning of Authenticated users

Discussion in 'General Discussion' started by isputra, Jun 22, 2004.

  1. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    576
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Mbelitar
    Hi,

    I look on my subdomain stats from cpanel (awstats) and i found on Authenticated users have these informations :

    Authenticated users (Top 10) - Full list - Last visit
    Authenticated users : 5 Pages Hits Bandwidth Last visit
    rian_crash 286 286 45.75 MB 20 Jun 2004 - 17:29
    libnet 6 6 110 Bytes 18 Jun 2004 - 11:46
    tirza30 3 3 962.56 KB 09 Jun 2004 - 10:58
    bck 2 2 44 Bytes 18 Jun 2004 - 12:59
    trisdan 1 1 12.41 KB 11 Jun 2004 - 16:07
    Other logins (and/or anonymous users) 92765 132404 15.60 GB

    Can someone help me how to read above stats result ?

    I don't have all above users on my domain so i am curious why those users can have authentication from my site ? :confused:

    Thanks.
     
  2. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    If there is trouble, it will find me
    Would be nice to get some clarification. Doesn't seem to address strange users in the awstats documentation. Yes, these are .htaccess logins, but some of my clients are pointing out that strange usernames are appearing in that section, even though they have not given access privileges to anyone else...
     
  3. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    576
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Mbelitar
    Still have these alert from awstats :

    Authenticated users (Top 10) - Full list - Last visit
    Authenticated users : 5 Pages Hits Bandwidth Last visit
    rian_crash
    libnet
    tirza30
    bck
    trisdan

    Anyone can help me to explain why this can happen ?
     
  4. FriedEgg

    FriedEgg Active Member

    Joined:
    Sep 27, 2003
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Washington, DC
    Even if a site doesn't use any logins like that, it's possible for a user to send a login name/password. It may simply be a misconfiguration, or it may be someone trying to access vulnerable sites. You can send a name/password with most browsers using a format like
    Code:
    http://username:password@www.example.com/
    In general, nothing to worry about most of the time, but still good to be aware of in case you find anything overly suspicious.
     
  5. matt621

    matt621 Well-Known Member

    Joined:
    Jun 25, 2003
    Messages:
    175
    Likes Received:
    0
    Trophy Points:
    16
    But what is an "Authenticated user" exactly?

    for instance, i see ebay.com is an "Authenticated user"

    How can that be?
     
  6. SueK

    SueK Registered

    Joined:
    Jan 19, 2004
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I'm curious about this as well. My stats show 3 authenticated users (plus anonymous logins) and I only have one domain on the server. I am running a vBulletin forum board and have allowed members the ability to upload avatars to the database. Could this stat be reflecting this?

    This is what I've seen:
    Last month only "lslatter" show up as authenticated and all others were anonymous. In all previous months, only showed the anonymous figure.
     
  7. matt621

    matt621 Well-Known Member

    Joined:
    Jun 25, 2003
    Messages:
    175
    Likes Received:
    0
    Trophy Points:
    16
    why nothing from cpanel on this?

    We have the same problem, showing "authenticated users" in awstats and I went back for 12 months and every month there are users in there.

    Isn't is about time we get an answer from somene at cpanel about this? I encourage you to look up some of your accounts on your server and see if you also have "authenticated users" that you don't recognize.
     
  8. nickg78

    nickg78 Member

    Joined:
    May 7, 2004
    Messages:
    11
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Athens, Greece
    cPanel Access Level:
    Root Administrator
    It was explained a few posts above.

    If somebody visits your site by typing http://testusername:testpassword@www.yoursite.com it is the same with visiting http://www.yoursite.com but in the logs he appears as an authenticated user, with username "testusername" and password "testpassword".

    Maybe there are some worms or users trying to authenticate, where authentication is not required. I don't think this is something you have to worry about. I have similar authentication logs in my awstats, and the same happens with all the sites I know.
     
    #8 nickg78, Jun 21, 2005
    Last edited: Jun 21, 2005
  9. matt621

    matt621 Well-Known Member

    Joined:
    Jun 25, 2003
    Messages:
    175
    Likes Received:
    0
    Trophy Points:
    16
Loading...

Share This Page