dzamanakos

Well-Known Member
Feb 15, 2014
53
3
8
cPanel Access Level
Root Administrator
Hi, i'm using litespeed and i've noticed in my /var/log/apache/error_log lines like :
[127.0.0.1:34460] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34466] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34468] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34472] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34474] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34478] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34488] File not found [/var/www/html/whm-server-status]

In /var/log/apache2/access_log i get :
127.0.0.1 - - [20/Mar/2019:09:14:17 +0200] "GET /whm-server-status HTTP/1.1" 404 10073 "-" "HTTP-Tiny/0.070"

I have almost 1 request every 1-2 seconds to both log files.

I dont know if that requests come from some cpanel service that is trying to check if apache is up or something about apache status, or someone runs scripts in order to use the security problem posted some time ago for cpanel's apache whm-server-status (hosting.review/news/cpanel-vulnerability/).

If that request comes from cpanel service, how can i disable it, as it's logging (hard disk i/o without reason) too many lines?

If it's not coming from cpanel, is there a way to check which user is trying to connect (user domain logs dont have requests to that url)?

best regards,
 
Last edited by a moderator:

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,234
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @dzamanakos,

LiteSpeed does not support the use of the whm-server-status page and thus "File not found" errors are reported in the error log whenever a cPanel & WHM feature that relies on the page attempts to access it. It's used across multiple features, so there's no way to easily disable those local access attempts at this time. We do have a internal case open (ZC-4828) to explore removing the reliance on whm-server-status. There's no time frame to offer at this time, but I'll update this thread more information on it's status as it becomes available.

Thank you.
 
  • Like
Reactions: Del Drago

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,234
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @lucasdomonte,

I don't have new information to report at this time, however I'll continue to monitor the case and report new information here as it becomes available.

To add more visibility to this improvement request, I recommend creating a corresponding feature request for the ability to disable the requirement for whm-server-status in the product. Here's the format we recommend using when creating a feature request to ensure your feedback gets as much visibility as possible and translates into actionable work:

As a {cPanel User, System Administrator, web-hosting provider, or any other user perspective}, I would like {the feature that is being requested} so that {benefit that the request adds to the product}.
Feel free to respond here with a link to the feature request upon approval, or let me know if you have any questions about how to format the request.

Thank you.
 

david364

Active Member
Sep 15, 2013
29
4
8
cPanel Access Level
Reseller Owner
Just wanted to add that allowing many non-error lines in the access and error log files can make it more difficult for customers to find genuine errors. A solution could block server status in a special way that does not cause Apache to record a message in its logs. This would require coordination between the Apache and cPanel organizations, but would not require redesign of cPanel.