Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

is it possible to block this

Discussion in 'Security' started by keat63, Feb 23, 2017.

  1. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,040
    Likes Received:
    47
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    Is there any way to block things like this.

    [Thu Feb 23 13:31:52 2017] [error] [client -IP] File does not exist: /usr/local/apache/htdocs/PMA
    [Thu Feb 23 13:31:52 2017] [error] [client -IP ] File does not exist: /usr/local/apache/htdocs/sql
    [Thu Feb 23 13:31:52 2017] [error] [client -IP] File does not exist: /usr/local/apache/htdocs/dbadmin

    I have csf configured to block the IP upon 60 occurances, but it would be nice to have a rule that would block them the instance they tried to access areas such as /USR.
     
  2. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    720
    Likes Received:
    123
    Trophy Points:
    168
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    They don't have control over accessing /usr its just because they are 'scanning' for potential vulnerable applications by using your IP or server hostname which the docroot is set to /usr/local/apache/htdocs

    There is most likely mod_sec rules that catch this, but will need to research a bit.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,532
    Likes Received:
    1,966
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,040
    Likes Received:
    47
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    I read the above link, but it was pretty much inconclusive.
    I do have Comodo WAF installed, which has a userdata section.

    Does anyone know enough about Comodo, as again, I couldn't find anything definitive.

    There's a section named 'Blocked URL's' This list allows to block access to specified URLs on your site.
    If I were to populate this with /usr/local/apache, would this do the trick ?
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice