[kwlug-disc] Apache 403 & access.log questions

Paul Nijjar paul_nijjar at yahoo.ca
Thu Apr 4 21:57:43 EDT 2019


On Thu, Apr 04, 2019 at 09:34:53PM -0400, Charles M wrote:
> Hi all. I'm trying to install an application in a sub-directory of my
> web server. The structure is something like:
> 
> /var/www/html/sitename/public_html/help/
> 
> When I surf to sitename/help/ access.log shows a 200 for the
> index.html in that directory. However the index.html is just a
> redirect to a subfolder below help called me/. That redirected folder
> seems to be generating a 403 error. me/ has the same user and group
> permission as well as the same access permissions - so I'm thinking
> this has something to do with my main site apache configuration file?

Can you access the me/ folder directly without going to index.html? If
you can, then maybe it has something to do with the redirect. If you
can't, then the redirect may not be the problem.
You might also consider redirecting to a completely different website
to check that rewrites work. 

Also keep in mind that in these situations I tend to use mod_rewrite
rules to do the redirection when the user hits the site (as opposed to
putting a redirect in the file).


> 
> Second question. In the access.log I saw a line that begins:
> 
> 103.67.235.45 - - [04/Apr/2019:20:33:27 -0400] "POST
> //?q=user/password&name[%23post_render][]=passthru&name[%23type]=markup&name[%23markup]=echo+R0lGOD
> 
> It goes on for something like 30 lines at the end of which is an
> apache 414 error. It looks to me like someone is trying to hack the
> site (drupal). Is it worth just dropping/blocking the IP?
> 

Probably? Unless it is you.

-- 
Sign Up for the WatCamp Newsletter: https://da.gd/wtcmp-news
(Also http://pnijjar.freeshell.org still exists)




More information about the kwlug-disc mailing list