The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Very strange IP ( 0.0.0.4) making many connections

Discussion in 'Security' started by Rodrigo Gomes, Jun 24, 2017.

  1. Rodrigo Gomes

    Rodrigo Gomes Well-Known Member

    Joined:
    Apr 6, 2016
    Messages:
    82
    Likes Received:
    21
    Trophy Points:
    8
    Location:
    Brazil
    cPanel Access Level:
    Root Administrator
    Hello guys,

    Today I received the alert below in my email. This is very strange!

    The port 0.0.0.4:80 responds but does not seem to recognize HTTP requests.

    Does anyone have any idea what this might be?

    I use NGINX as a proxy in front of Apache, and recently I activated IPv6 on my server.

    Code:
    lfd on myserver.com: 0.0.0.4 (-/-/-) blocked with too many connections
    
    Time:        Sat Jun 24 09:42:50 2017 -0300
    IP:          0.0.0.4 (-/-/-)
    Connections: 437
    Blocked:     Permanent Block
    
    Connections:
    tcp6: 0.0.0.4:39360 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:39568 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:39976 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:39668 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:40048 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:40226 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:38570 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:40302 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:39372 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:40176 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:39684 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:38666 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:38552 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:39848 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:38566 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:40128 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:80 -> 0.0.0.4:39308 (TIME_WAIT)
    tcp6: 0.0.0.4:40014 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:39656 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:40330 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:38974 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:39762 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:39748 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:40106 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:39886 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:38662 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:38792 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:39336 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:38902 -> 0.0.0.4:80 (TIME_WAIT)
    tcp6: 0.0.0.4:40294 -> 0.0.0.4:80 (TIME_WAIT)
    ......
    Code:
    [~]# wget -p http://0.0.0.4
    --2017-06-24 15:03:53--  http://0.0.0.4/
    Connecting to 0.0.0.4:80... Failed: Invalid argument.
    Note that in the list it says tcp6, but 0.0.0.4 is not a valid IPv6.
     
    #1 Rodrigo Gomes, Jun 24, 2017
    Last edited by a moderator: Jun 24, 2017
  2. Rodrigo Gomes

    Rodrigo Gomes Well-Known Member

    Joined:
    Apr 6, 2016
    Messages:
    82
    Likes Received:
    21
    Trophy Points:
    8
    Location:
    Brazil
    cPanel Access Level:
    Root Administrator
    After some research and testing, I discovered that the tcp6 protocol also responds ipv4.

    And that any server with cPanel, returns wget -p http://0.0.0.4 with:
    Connecting to 0.0.0.4:80... Failed: Invalid argument.

    What I can not imagine what it could be doing that number of requests. Anyone have any suggestions?
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Have you reviewed /usr/local/apache/logs/access_log and /usr/local/apache/logs/error_log to see what access attempts are occurring when you notice those connection attempts?

    Thank you.
     
  4. Rodrigo Gomes

    Rodrigo Gomes Well-Known Member

    Joined:
    Apr 6, 2016
    Messages:
    82
    Likes Received:
    21
    Trophy Points:
    8
    Location:
    Brazil
    cPanel Access Level:
    Root Administrator
    Hello Michael!

    I did not find this IP anywhere in the logs.

    What I see in "/usr/local/apache/logs/access_log" at the same time of the problem is this. But it seems to be something common within this log:
    Code:
    ::1 - - [24/Jun/2017:09:42:23 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:42:41 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:07 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:08 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:09 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:10 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:11 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:12 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:13 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:14 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:15 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:16 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:17 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:18 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:19 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:20 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:21 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:22 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:23 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:24 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:25 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:26 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:27 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:28 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:29 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:30 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:31 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:32 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:33 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:34 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:35 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:36 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:37 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:40 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:43:57 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:44:38 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    127.0.0.1 - - [24/Jun/2017:09:45:06 -0300] "GET /whm-server-status?auto HTTP/1.1" 200 1210 "-" "munin/2.0.25 (libwww-perl/6.15)"
    127.0.0.1 - - [24/Jun/2017:09:45:08 -0300] "GET /whm-server-status?auto HTTP/1.1" 200 1210 "-" "munin/2.0.25 (libwww-perl/6.15)"
    ::1 - - [24/Jun/2017:09:45:09 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    127.0.0.1 - - [24/Jun/2017:09:45:10 -0300] "GET /whm-server-status?auto HTTP/1.1" 200 1210 "-" "munin/2.0.25 (libwww-perl/6.15)"
    ::1 - - [24/Jun/2017:09:45:10 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:45:11 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:45:12 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:45:13 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:45:28 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:45:29 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:45:32 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:45:37 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:45:44 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:45:49 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:46:01 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    127.0.0.1 - - [24/Jun/2017:09:46:22 -0300] "GET / HTTP/1.0" 400 10067 "-" "-"
    ::1 - - [24/Jun/2017:09:46:32 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:46:33 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:46:34 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:46:43 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:47:07 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:47:08 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:47:09 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:47:10 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:47:11 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:47:12 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:47:13 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:47:14 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:47:15 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:47:16 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    ::1 - - [24/Jun/2017:09:47:17 -0300] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (internal dummy connection)"
    Judging by the status of the connections (TIME_WAIT), I believe that none could connect to port 80 with this IP.

    The only different things that were done on this server recently was the installation of IPv6 and KernelCare.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    These entries are explained on the following thread:

    Apache Status and HTTP Requests of "OPTIONS * HTTP/1.0"

    Thank you.
     
    Rodrigo Gomes likes this.
  6. Rodrigo Gomes

    Rodrigo Gomes Well-Known Member

    Joined:
    Apr 6, 2016
    Messages:
    82
    Likes Received:
    21
    Trophy Points:
    8
    Location:
    Brazil
    cPanel Access Level:
    Root Administrator
    Thanks for the explanation of these lines in the log, Michael!

    Unfortunately, I have not figured out the mystery of the reason for these connections.
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You may also want to reach out to the developer of the Nginx plugin you are using to see if additional information about those connections is available. Note that it's also a common topic on the CSF forums:

    0.0.0.0 Block - ConfigServer Community Forum

    Thank you.
     
    Rodrigo Gomes likes this.
  8. Rodrigo Gomes

    Rodrigo Gomes Well-Known Member

    Joined:
    Apr 6, 2016
    Messages:
    82
    Likes Received:
    21
    Trophy Points:
    8
    Location:
    Brazil
    cPanel Access Level:
    Root Administrator
    Hello Michael!

    I use NGINX a long time, and this only started to appear after I activated IPv6.

    Note that the connection uses the tcp6 protocol.
    I'm pretty sure it's something related to IPv6, I just do not know what!
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Feel free to open a support ticket using the link in my signature if you'd like us to take a closer look at what's making those local connections from the IPv6 loopback address.

    Thank you.
     
    Rodrigo Gomes likes this.
  10. Rodrigo Gomes

    Rodrigo Gomes Well-Known Member

    Joined:
    Apr 6, 2016
    Messages:
    82
    Likes Received:
    21
    Trophy Points:
    8
    Location:
    Brazil
    cPanel Access Level:
    Root Administrator
    Hello Michael!

    I like to try to solve on my own, to learn too.
    But I'll follow your advice, thanks for your help!
     
Loading...

Share This Page