Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Find the destination script of an inbound TCP connection on our shared webserver

Discussion in 'Security' started by armin654, Nov 24, 2014.

  1. armin654

    armin654 Well-Known Member

    Feb 12, 2014
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Dear friends.
    We have a shared webserver which is being monitored constantly by our ZABBIX agent.
    On some hours of day we have unusual TCP traffic on port 80. Lets say we have over 400 connections from IP address of to our webserver.

    We can easily block any connection from and to using IPTABLES or CFS but we want to know which of our VIRTUAL HOSTS is receiving this connection or which of our VIRTUAL HOST scripts is making this outgoing connection to that specific IP address.

    We are assuming that we have two scenarios. One for INBOUND and one for OUTBOUND

    Is there any tool or way to find out exactly what website is receiving the connection or what script on our server is making outgoing connection to that IP?

    It is noteworthy it is a CentOS6.5 server and we are using LITESPEED as webserver.

    Best Regards
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice