Odd requests in Apache log

keat63 · Feb 2, 2015

I keep seeing lots of these requests in Apache logs, but can't figure out whats going on.
Code:
[Mon Feb 02 19:52:35 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
[Mon Feb 02 19:52:36 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
[Mon Feb 02 19:52:38 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
[Mon Feb 02 19:52:40 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
[Mon Feb 02 19:52:42 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
[Mon Feb 02 19:52:44 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
The image actually exists, and i've checked website code for errors.
I can see no reference to the IP in any other logs, so I've no idea what it is they are trying to call.
What strikes me as odd is "pic1.jpg;http:"

I've got over 400 of these over the last 3 days, all for the same file from the same IP.

cPanelMichael · Feb 3, 2015

Hello

Is it possible the user recently installed a plugin or made any recent changes to their script? If not, you could block that IP address in your firewall if you want to prevent those access attempts from occurring.

Thank you.

keat63 · Feb 4, 2015

I'm the only user, and it's a new build, so it's hard to say, although i have updated a number of PHP scripts to utilize PHP 5.3.
This is happening from a number of IP's on a very small number of files.

I keep seeing "jpg;http" but I can't see what's calling this.
I've checked and double checked the items in question, but can't see anything wrong.

Infopro · Feb 5, 2015

Figure out what page is causing this by visiting any pages where you have a file called pic1.jpg while viewing the error log in your cPanel.

Say for instance you have a post on a blog and it has an embedded image called: pic1.jpg in the post. You wouldn't be getting the error on any other pages, just that one post on your blog. Now that you know what page the error is being generated from, check the blog post itself to make sure the image was embedded properly when posted.

If you're sure the blog post code was added proper, try disabling any new plugins you have installed that may manipulate blog post images.

If the error is generated on all pages, pic1.jpg may be a part of the theme you have installed.

keat63 · Feb 5, 2015

One image i chose today is linked to four different products (it's a screw), each one is using the same image, so this morning i created 4 new images, all with different file names, (one for each screw), in the hope that i may be able to pin the fault to which one of the four screws is creating the error.

I then removed the original image.

I'm still seeing an error in apache logs for the missing image, so i'm now thinking that someone has linked to it from an external web page, and it's this external page which has the error and not mine.

Infopro · Feb 5, 2015

You might find more details about that in your AWSTATs in cPanel.
cPanel > Metrics > AWSTATS > domain.com > Others section down near bottom of left menu, Pages Not Found.

keat63 · Feb 6, 2015

I found the culprit this morning.
Someone has linked to it from Ebay.
- Removed -

Infopro · Feb 6, 2015

Why link us to that? Removed.

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

Odd requests in Apache log

keat63 Well-Known Member

cPanelMichael Forums Analyst
Staff Member

keat63 Well-Known Member

Infopro cPanel Sr. Product Evangelist
Staff Member

keat63 Well-Known Member

Infopro cPanel Sr. Product Evangelist
Staff Member

keat63 Well-Known Member

Infopro cPanel Sr. Product Evangelist
Staff Member

Redirect IP requests to the default cPanel page?

SOLVED Block abusive requests to website?

SOLVED Redirect ALL port 2083 requests to the server's hostname

SOLVED httpd is up, but unable to answer requests

SOLVED The provider “cPanel (powered by Comodo)” cannot currently accept incoming requests

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

Odd requests in Apache log

keat63 Well-Known Member

cPanelMichael Forums Analyst Staff Member

keat63 Well-Known Member

Infopro cPanel Sr. Product Evangelist Staff Member

keat63 Well-Known Member

Infopro cPanel Sr. Product Evangelist Staff Member

keat63 Well-Known Member

Infopro cPanel Sr. Product Evangelist Staff Member

Redirect IP requests to the default cPanel page?

SOLVED Block abusive requests to website?

SOLVED Redirect ALL port 2083 requests to the server's hostname

SOLVED httpd is up, but unable to answer requests

SOLVED The provider “cPanel (powered by Comodo)” cannot currently accept incoming requests

Share This Page

cPanelMichael Forums Analyst
Staff Member

Infopro cPanel Sr. Product Evangelist
Staff Member

Infopro cPanel Sr. Product Evangelist
Staff Member

Infopro cPanel Sr. Product Evangelist
Staff Member