tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Howard W. Smith, Jr." <smithh032...@gmail.com>
Subject Tomcat access log reveals hack attempt: "HEAD /manager/html HTTP/1.0" 404
Date Wed, 10 Apr 2013 11:32:09 GMT
Every now and then, I like to review localhost_access_log files, just to
see who might be trying to access my web app, running on TomEE 1.6.0
snapshot (Tomcat 7.0.39). So, a few minutes ago, I saw the following in the
log:

113.11.200.30 - - [09/Apr/2013:19:26:58 -0400] "HEAD /manager/html
HTTP/1.0" 404 -

This is an unfamiliar ip address to me, and I have already prepared the
app/tomcat for these type of attacks. How? by removing any/all tomee/tomcat
(manager/web) apps. I did that some time ago, when I first migrated from
glassfish to tomee/tomcat, and that was the best/easiest way I knew how to
prevent these type of attacks.

Can someone please give/share some background on this type of attack?

Thanks,
Howard

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message