[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "...Hahaha!" message auf Webserver?

On 2017-09-25 22:55:27 Sebastian Suchanek hacked into the keyboard:
> Am 25.09.2017 um 22:32 schrieb Michael:
> 
> > [...]
> > Kann es vielleicht sein, dass die Default-Konfig. noch aktiv ist? Ich 
> > weiß nicht wie sich Apache verhalten würde, wenn es mehrere Vhosts gibt 
> > die auf den gleichen Namen hören aber auf unterschiedliche Ziele zeigen 
> > (Ist das überhaupt möglich?)
> 
> Ohne es ausprobiert zu haben, würde ich bei so etwas mindestens
> Fehlermeldungen in den Logfiles erwarten. Ich habe Apache (IIRC v2.2)
> schon als recht "jammerig" erlebt, wenn sich in die
> vHost-Konfigurationen Fehler wie Doppelbenennungen eingeschlichen haben.

Eben, der Indianer weigert sich sogar zeitweilig starten zu lassen.

Jetzt habe ich noch was anderes Entdeckt:

Der   VHost   <www.miila-mahe-aed.eu>   hat   sein   Document_Root    in
/srv/CONFIG_www.miila-mahe-aed.eu/htdocs und schreibt  seine  logs  nach
/srv/CONFIG_www.miila-mahe-aed.eu/log/apache/

Die Eintraege sehen in den logs dann so aus:

----8<------------------------------------------------------------------
[2017-09-25 23:13:43 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET / HTTP/1.1" 200 4949 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:43 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /css_printer.css HTTP/1.1" 200 294 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:43 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /css_standard.css HTTP/1.1" 200 1088 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:43 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /css_kikis_style.css HTTP/1.1" 200 605 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:43 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /updates.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:43 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /farmhouse/farmhouse.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:43 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /kiki/kiki_head.jpg HTTP/1.1" 200 45827 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:43 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /spiritual/spiritual-earth.01s.jpg HTTP/1.1" 200 40144 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:43 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /miisu/miisu_head.jpg HTTP/1.1" 200 30781 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /tablebackground.03.png HTTP/1.1" 200 4452 "http://www.miila-mahe-aed.eu/css_standard.css"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:43 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /eu_support.jpg HTTP/1.1" 200 109311 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /tablebackground.01.png HTTP/1.1" 200 4453 "http://www.miila-mahe-aed.eu/css_standard.css"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /forest/forest.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /dino-miisu/dino-miisu.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /renewable_energies/renewable_energies.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /projects_24v/projects_24v.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /biofarming/biofarming.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /animals/animals.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /projects_bio/projects_bio.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /bees/bees.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /shop/onlineshop.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /misc/misc.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /websites.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /mailinglists.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /impressum.jpg HTTP/1.1" 200 9561 "http://www.miila-mahe-aed.eu/"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:44 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /wallpaper.01a.jpg HTTP/1.1" 200 715143 "http://www.miila-mahe-aed.eu/css_standard.css"; "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
[2017-09-25 23:13:46 +0200] 93.202.107.53 [www.miila-mahe-aed.eu] - - "GET /favicon.ico HTTP/1.1" 404 243 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
----8<------------------------------------------------------------------

Welche einwandfrei sind, wenn ich davon absehe das ich 176.000 Logzeilen
seit 17:00 bekommen habe.

Logrotate rotiert die auch anstaendig.

Nun gibt es aber fuer VHosts,  welche  kein  eigenes  Document_Root  das
/srv/htdocs sowie das Log-Verzeichnis /srv/log/apache.

So, nun finde ich im lezteren Eintraege (gekuerzt  denn  es  sind  ueber
2800) wie:

----8<------------------------------------------------------------------
[2017-02-04 17:06:01 +0100] 82.242.206.133 [www.miila-mahe-aed.eu] - - "GET / HTTP/1.1" 302 20 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0"
[2017-02-04 17:06:01 +0100] 82.242.206.133 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0"
[2017-09-25 17:36:58 +0200] 217.92.20.187 [www.miila-mahe-aed.eu] - - "GET / HTTP/1.1" 302 20 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:53.0) Gecko/20100101 Firefox/53.0"
[2017-09-25 17:36:59 +0200] 217.92.20.187 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:53.0) Gecko/20100101 Firefox/53.0"
[2017-09-25 17:47:34 +0200] 84.173.247.54 [www.miila-mahe-aed.eu] - - "GET / HTTP/1.1" 302 20 "-" "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0"
[2017-09-25 17:47:34 +0200] 84.173.247.54 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "-" "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0"
[2017-09-25 17:52:10 +0200] 217.92.20.187 [www.miila-mahe-aed.eu] - - "GET / HTTP/1.1" 302 20 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393"
[2017-09-25 17:52:10 +0200] 217.92.20.187 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393"
[2017-09-25 18:22:29 +0200] 84.139.249.23 [www.miila-mahe-aed.eu] - - "GET / HTTP/1.1" 302 20 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.78 Safari/537.36"
[2017-09-25 18:22:29 +0200] 84.139.249.23 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.78 Safari/537.36"
[2017-09-25 18:26:25 +0200] 194.230.159.157 [www.miila-mahe-aed.eu] - - "GET / HTTP/1.1" 302 20 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G930F Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.116 Mobile Safari/537.36"
[2017-09-25 18:26:25 +0200] 194.230.159.157 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G930F Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.116 Mobile Safari/537.36"
[2017-09-25 19:44:28 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "HEAD / HTTP/1.1" 302 - "-" "curl/7.38.0"
[2017-09-25 19:45:07 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "HEAD / HTTP/1.1" 302 - "-" "curl/7.38.0"
[2017-09-25 19:45:07 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "HEAD /?what=index HTTP/1.1" 200 - "-" "curl/7.38.0"
[2017-09-25 19:45:29 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET / HTTP/1.1" 302 20 "-" "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:45:29 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "-" "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:45:29 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "https://www.miila-mahe-aed.eu/?what=index"; "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:45:34 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "https://www.miila-mahe-aed.eu/?what=index"; "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:45:37 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "https://www.miila-mahe-aed.eu/?what=index"; "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:45:41 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "https://www.miila-mahe-aed.eu/?what=index"; "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:45:42 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "https://www.miila-mahe-aed.eu/?what=index"; "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:45:43 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "https://www.miila-mahe-aed.eu/?what=index"; "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:45:44 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "https://www.miila-mahe-aed.eu/?what=index"; "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:45:44 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "https://www.miila-mahe-aed.eu/?what=index"; "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:45:45 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "https://www.miila-mahe-aed.eu/?what=index"; "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:46:18 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "GET /?what=index HTTP/1.1" 200 20 "-" "Mozilla/5.0 (X11; Linux) AppleWebKit/538.15+ Midori/0.5"
[2017-09-25 19:46:35 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "HEAD / HTTP/1.1" 302 - "-" "curl/7.38.0"
[2017-09-25 19:46:35 +0200] 46.165.243.72 [www.miila-mahe-aed.eu] - - "HEAD /?what=index HTTP/1.1" 200 - "-" "curl/7.38.0"
----8<------------------------------------------------------------------

Ehm, wie kann das sein?

So wie es ausssieht gehen diese Anfragen nach /srv/htdocs in  dem  eine
index.php liegt welche die VHosts bedient, die nicht konfiguriert sind.

Aber wie man an der ersten Log sieht, IST der  VHost  konfiguriert  und
funktioniert.

Ich finde nirgendwo einen Hinweis, das die  Domain  in  /srv/htdocs  zu
finden ist

> Tschüs,
> 
> Sebastian

Ebenso

-- 
Michelle Konzack        Miila ITSystems @ TDnet
GNU/Linux Developer     00372-54541400

Attachment: signature.asc
Description: Digital signature

Reply to: