The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Unknown Log Entries

Discussion in 'General Discussion' started by Webuser2014, Oct 22, 2014.

  1. Webuser2014

    Webuser2014 Member

    Joined:
    Jan 10, 2014
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    The apache status is logging these from some remote IP I do not know in Russia.
    GET /cgi-bin/ezshopper3/loadpage.cgi HTTP/1.0
    GET /cgi-bin/faqmanager.cgi HTTP/1.0
    GET /cgi-bin/environ.cgi HTTP/1.0
    GET /cgi-bin/ezshopper/search.cgi HTTP/1.0
    GET /cgi-bin/ezshopper/loadpage.cgi HTTP/1.0
    GET /cgi-bin/ezshopper2/loadpage.cgi HTTP/1.0
    GET /cgi-bin/enter.cgi HTTP/1.0

    Seems they are probing the system. I just run a basic WordPress site. Can I disable cgi-bin?

    Any insights into why they would go at these files?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,451
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    A google search for this:
    /cgi-bin/ezshopper3/loadpage.cgi

    Tells me it's an old vulnerability:
    /http://www.securityfocus.com/bid/2109/exploit

    Yes sure.

    You can modify the account via WHM to disable CGI Privilege, or disable CGI Access for the Package the account is using here:
    WHM » Packages » Edit a Package
     
  3. Webuser2014

    Webuser2014 Member

    Joined:
    Jan 10, 2014
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Thank you for pointing out where to disable cgi-bin
     
Loading...

Share This Page