Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: httpd/access_log filling up
« previous next »
Pages: [1]   Go Down

httpd/access_log filling up

  • 4 Replies
  • 3268 Views

sound101

httpd/access_log filling up
« on: April 02, 2006, 08:52:36 PM »
Hi

My httpd/access_log is filling up with:

heaslip.me.uk 83.245.45.230 - - [02/Apr/2006:13:04:16 +0100] "HEAD / HTTP/1.0" 200 - "-" "WhatsUp_Gold/7.0"
heaslip.me.uk 83.245.45.230 - - [02/Apr/2006:13:05:13 +0100] "HEAD / HTTP/1.0" 200 - "-" "WhatsUp_Gold/7.0"
heaslip.me.uk 83.245.45.230 - - [02/Apr/2006:13:06:16 +0100] "HEAD / HTTP/1.0" 200 - "-" "WhatsUp_Gold/7.0"
heaslip.me.uk 83.245.45.230 - - [02/Apr/2006:13:07:13 +0100] "HEAD / HTTP/1.0" 200 - "-" "WhatsUp_Gold/7.0"

this message repeats itself every minute, the ip address is part of the range my isp uses, any ideas on how i can stop this logging?

Am running SME 7.0rc1 in server only mode, my firewall fowards tcp/udp ports 80 & 25 to the sme box.

Thanks
Logged

Offline CharlieBrady

  • *
  • 6,918
  • +3/-0
Re: httpd/access_log filling up
« Reply #1 on: April 03, 2006, 12:16:23 AM »
Quote from: "sound101"
Hi

My httpd/access_log is filling up with:

heaslip.me.uk 83.245.45.230 - - [02/Apr/2006:13:04:16 +0100] "HEAD / HTTP/1.0" 200 - "-" "WhatsUp_Gold/7.0"
heaslip.me.uk 83.245.45.230 - - [02/Apr/2006:13:05:13 +0100] "HEAD / HTTP/1.0" 200 - "-" "WhatsUp_Gold/7.0"
heaslip.me.uk 83.245.45.230 - - [02/Apr/2006:13:06:16 +0100] "HEAD / HTTP/1.0" 200 - "-" "WhatsUp_Gold/7.0"
heaslip.me.uk 83.245.45.230 - - [02/Apr/2006:13:07:13 +0100] "HEAD / HTTP/1.0" 200 - "-" "WhatsUp_Gold/7.0"

this message repeats itself every minute, the ip address is part of the range my isp uses, any ideas on how i can stop this logging?


You could do it by blocking that IP address. But why do you want to stop that logging? The log file is *meant* to record accesses to your website. These records indicate accesses to your website (by a network monitoring tool).
Logged

sound101

httpd/access_log filling up
« Reply #2 on: April 03, 2006, 12:29:02 AM »
Cant block IP with firewall, the rule to foward port 80 overrides the block.

Want to stop this IP logging because it happens every 1 minute 24/7 makes it difficult to go through the logs for real website access, ie someone looking at it not a monitoring tool.
Logged

Offline JonB

  • *
  • 351
  • +0/-0
httpd/access_log filling up
« Reply #3 on: April 03, 2006, 01:46:16 AM »
Try this on the server. From the server console

Code: [Select]
db configuration setprop httpd-e-smith DenyHosts 83.245.45.230
signal-event remoteaccess-update

Jon
Logged
...

sound101

httpd/access_log filling up
« Reply #4 on: April 03, 2006, 07:20:30 PM »
Many thanks Jon, worked perfect! Another quick Q been getting this message in messages log file every hour:

Apr  3 17:01:01 server crond(pam_unix)[27487]: session opened for user root by (uid=0)
Apr  3 17:01:01 server crond(pam_unix)[27487]: session closed for user root

and this e-mail in my admin:

etc/cron.daily/01-rkhunter:

Line:
Watch out Root login possible. Possible risk!
-----------------------------------------------------------------

Found warnings:
[04:05:40] Warning: root login possible. Change for your safety the 'PermitRootLogin'


is this normal for 7.x ? didnt notice it in 6.01...

Thanks

Ben
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: httpd/access_log filling up