Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Odd requests in Apache log

Discussion in 'General Discussion' started by keat63, Feb 2, 2015.

  1. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,150
    Likes Received:
    64
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    I keep seeing lots of these requests in Apache logs, but can't figure out whats going on.

    Code:
    [Mon Feb 02 19:52:35 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
[Mon Feb 02 19:52:36 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
[Mon Feb 02 19:52:38 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
[Mon Feb 02 19:52:40 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
[Mon Feb 02 19:52:42 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
[Mon Feb 02 19:52:44 2015] [error] [client xx.xxx.xxx.xx] File does not exist: /home/user/public_html/images/uploads/pic1.jpg;http:
    The image actually exists, and i've checked website code for errors.
    I can see no reference to the IP in any other logs, so I've no idea what it is they are trying to call.
    What strikes me as odd is "pic1.jpg;http:"

    I've got over 400 of these over the last 3 days, all for the same file from the same IP.
     
    #1 keat63, Feb 2, 2015
    Last edited by a moderator: Feb 5, 2015
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    46,390
    Likes Received:
    2,046
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    Is it possible the user recently installed a plugin or made any recent changes to their script? If not, you could block that IP address in your firewall if you want to prevent those access attempts from occurring.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelMichael, Feb 3, 2015
  3. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,150
    Likes Received:
    64
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    I'm the only user, and it's a new build, so it's hard to say, although i have updated a number of PHP scripts to utilize PHP 5.3.
    This is happening from a number of IP's on a very small number of files.

    I keep seeing "jpg;http" but I can't see what's calling this.
    I've checked and double checked the items in question, but can't see anything wrong.
     
    #3 keat63, Feb 4, 2015
  4. Infopro

    Infopro cPanel Sr. Product Evangelist Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,764
    Likes Received:
    457
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Figure out what page is causing this by visiting any pages where you have a file called pic1.jpg while viewing the error log in your cPanel.

    Say for instance you have a post on a blog and it has an embedded image called: pic1.jpg in the post. You wouldn't be getting the error on any other pages, just that one post on your blog. Now that you know what page the error is being generated from, check the blog post itself to make sure the image was embedded properly when posted.

    If you're sure the blog post code was added proper, try disabling any new plugins you have installed that may manipulate blog post images.

    If the error is generated on all pages, pic1.jpg may be a part of the theme you have installed.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 Infopro, Feb 5, 2015
  5. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,150
    Likes Received:
    64
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    One image i chose today is linked to four different products (it's a screw), each one is using the same image, so this morning i created 4 new images, all with different file names, (one for each screw), in the hope that i may be able to pin the fault to which one of the four screws is creating the error.

    I then removed the original image.

    I'm still seeing an error in apache logs for the missing image, so i'm now thinking that someone has linked to it from an external web page, and it's this external page which has the error and not mine.
     
    #5 keat63, Feb 5, 2015
    Last edited: Feb 5, 2015
  6. Infopro

    Infopro cPanel Sr. Product Evangelist Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,764
    Likes Received:
    457
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You might find more details about that in your AWSTATs in cPanel.
    cPanel > Metrics > AWSTATS > domain.com > Others section down near bottom of left menu, Pages Not Found.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 Infopro, Feb 5, 2015
  7. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,150
    Likes Received:
    64
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    I found the culprit this morning.
    Someone has linked to it from Ebay.
    - Removed -
     
    #7 keat63, Feb 6, 2015
    Last edited by a moderator: Feb 6, 2015
  8. Infopro

    Infopro cPanel Sr. Product Evangelist Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,764
    Likes Received:
    457
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Why link us to that? Removed.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #8 Infopro, Feb 6, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - requests Apache
  1. TwistedMexi

    SOLVED Wordpress sending empty requests and killing Apache

    TwistedMexi, Feb 24, 2019, in forum: General Discussion
    Replies:
    5
    Views:
    185
    TwistedMexi
    Feb 28, 2019
  2. globcom

    Suspicious Apache Status requests

    globcom, Oct 27, 2018, in forum: Security
    Replies:
    10
    Views:
    226
    cPanelMichael
    Oct 30, 2018
  3. hostvision

    Strange encoded requests in logs

    hostvision, Mar 7, 2019, in forum: Security
    Replies:
    1
    Views:
    426
    cPanelMichael
    Mar 8, 2019
  4. T1531

    Remote backup to Amazon S3 using thousands of requests?

    T1531, Feb 22, 2019, in forum: Data Protection
    Replies:
    2
    Views:
    161
    cPanelLauren
    Feb 25, 2019
  5. [JZ]

    Too many requests causing a 403 Error

    [JZ], Feb 13, 2019, in forum: General Discussion
    Replies:
    9
    Views:
    202
    cPanelMichael
    Feb 21, 2019

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice