The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

local hack?

Discussion in 'General Discussion' started by valleytech, May 12, 2007.

  1. valleytech

    valleytech Member

    Joined:
    May 11, 2007
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    I just checked my /usr/local/apache/access_log, and I saw tons of these

    127.0.0.1 - - [10/May/2007:16:00:01 -0700] "GET /whm-server-status HTTP/1.0" 200 59956
    127.0.0.1 - - [10/May/2007:16:05:00 -0700] "GET /whm-server-status HTTP/1.0" 200 59986
    127.0.0.1 - - [10/May/2007:16:10:01 -0700] "GET /whm-server-status HTTP/1.0" 200 60018
    127.0.0.1 - - [10/May/2007:16:15:00 -0700] "GET /whm-server-status HTTP/1.0" 200 59891
    127.0.0.1 - - [10/May/2007:16:20:01 -0700] "GET /whm-server-status HTTP/1.0" 200 59989
    127.0.0.1 - - [10/May/2007:16:25:00 -0700] "GET /whm-server-status HTTP/1.0" 200 59896

    A indicator that somebody within is trying to compromise the server

    What I should I do, please help:(
    thanks alot
     
  2. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    /dev/null
    nothing, these are used by chkservd to ensure apache is up, and also when you click 'Apache Status' in WHM
     
Loading...

Share This Page