The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

disable access to forbidden areas

Discussion in 'Security' started by keat63, Mar 26, 2015.

  1. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Looking in my apache logs i see a failed attempt to open a php file, which doesn't exist.

    /usr/local/apache/htdocs/testproxy.php

    I guess some form of hacking attack.
    Should there not be some sort of security which disables access to /usr/local/apache anyway
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    The following directories and files are stored in the /usr/local/apache/htdocs/ directory:

    These are all intended for view from the public. Could you elaborate on what in particular you want to limit access to? There should be no need to restrict access to this directory because there are no sensitive files.

    Thank you.
     
  3. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Was a little concerned why someone or something tried to open a PHP file in an area thats not a public_html ?
    I'm being a little naive maybe, but I have a server, with user accounts, each of which has a domain name asscociated with it.
    Legitimate traffic would or should be going to the public_html folder of those domains, not somewhere embedded in to the system files ??
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    It's common to see access attempts to certain file names or directories that do not exist. It's often either a script with an incorrectly coded path, or an attempt to see if a vulnerable file exists.

    Thank you.
     
Loading...

Share This Page