httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: [users@httpd] Suspicious logging in access.log
Date Wed, 13 Jun 2007 20:55:57 GMT
Asrai khn wrote:
> Hi from last few days i am getting the below in access.log, and also
> duno what had been changed this virtaul machine which is hosting our
> clients domains going unresponsive after running for few hours. before
> it was running cool from last 2 years.
> Version : httpd-2.2.4-2.fc6

Well, it isn't this attack...

%u0aeb

tells you it targets IIS, plus this hit the access logs.

You want to know which request kills things.  To find that out, you need
to load mod_log_forensic and capture all the requests as they arrive, and
see which ones run to completion v.s. which ones hang up the server.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message