Page 1 of 1

Apache CGI: Error Message

PostPosted: 27. January 2014 01:57
by bruce2012
Hello team, I was checking my Apache error.log and I found that there some CGI error msgs every few days. here is one example that I just got today.

cgi:error pid 5792:tid 1712 [client 93.114.82.133:60375] script not found or unable to stat" c:/xampp/cgi-bin/php



I did research and I could not figure out why? I also do not know if this is serious or not. it happens every few days or while. I am running as building in "Administrator" on the server. so I should not have permission issues.

Thank you in advance!

Re: Apache CGI: Error Message

PostPosted: 27. January 2014 02:16
by JJ_Tagy
It's just phishing. Looks like you opened external access to your server.

Re: Apache CGI: Error Message

PostPosted: 27. January 2014 03:07
by bruce2012
JJ_Tagy, yes. we setup external access because we need for live environment testing. so I guess that there is nothing wrong with Apache server setting and we do not need to worry about it. right? Thank you for helping!

Re: Apache CGI: Error Message

PostPosted: 27. January 2014 05:50
by Altrea
XAMPP is not configured for live, production or public accessible environments. It is not secure enough and you cannot patch known vulnerabilities in single components that easy.

So if you have secured the XAMPP components enough or do not care about being a member in a bot net you don't need to worry. Otherwise you should.

Re: Apache CGI: Error Message

PostPosted: 27. January 2014 05:57
by bruce2012
Hi Altrea, I got it. thank you for the information!

Re: Apache CGI: Error Message

PostPosted: 27. January 2014 06:04
by Altrea
You are welcome.

stop /cgi-bin/ attacks

PostPosted: 17. February 2014 05:18
by bruce2012
Hello all, I notice that there are lots of cgi:error in my apache error log. here are some samples:


[Sun Feb 16 09:14:26.277308 2014] [cgi:error] [pid 4752:tid 1728] [client 202.158.37.2:12576] script not found or unable to stat: C:/xampp/cgi-bin/php
[Sun Feb 16 09:14:26.714109 2014] [cgi:error] [pid 4752:tid 1720] [client 202.158.37.2:12652] script not found or unable to stat: C:/xampp/cgi-bin/php5
[Sun Feb 16 09:14:27.150910 2014] [cgi:error] [pid 4752:tid 1752] [client 202.158.37.2:12745] script not found or unable to stat: C:/xampp/cgi-bin/php-cgi
[Sun Feb 16 09:14:27.587711 2014] [cgi:error] [pid 4752:tid 1748] [client 202.158.37.2:12816] script not found or unable to stat: C:/xampp/cgi-bin/php.cgi
[Sun Feb 16 09:14:28.008911 2014] [cgi:error] [pid 4752:tid 1744] [client 202.158.37.2:12861] script not found or unable to stat: C:/xampp/cgi-bin/php4
[Sun Feb 16 09:18:39.700750 2014] [cgi:error] [pid 4752:tid 1728] [client 213.167.153.173:34001] script not found or unable to stat: C:/xampp/cgi-bin/php
[Sun Feb 16 09:18:40.652352 2014] [cgi:error] [pid 4752:tid 1748] [client 213.167.153.173:34108] script not found or unable to stat: C:/xampp/cgi-bin/php5
[Sun Feb 16 09:18:41.120353 2014] [cgi:error] [pid 4752:tid 1744] [client 213.167.153.173:34195] script not found or unable to stat: C:/xampp/cgi-bin/php-cgi
[Sun Feb 16 09:18:41.635154 2014] [cgi:error] [pid 4752:tid 1720] [client 213.167.153.173:34256] script not found or unable to stat: C:/xampp/cgi-bin/php.cgi
[Sun Feb 16 09:18:42.087554 2014] [cgi:error] [pid 4752:tid 1752] [client 213.167.153.173:34303] script not found or unable to stat: C:/xampp/cgi-bin/php4



How can I prevent this kind of attack? I am not sure if they did some damages or not at the movement? can I make /cgi-bin/ folder not accessible in xampp apache

Please advise? thank you!!!

Re: Apache CGI: Error Message

PostPosted: 17. February 2014 05:34
by Altrea
Hi Bruce,

Merged with your other thread. The answer is still the same.
=> [INFO] How to not fail getting help here (section "Scope of support" for live, production or public accessible environments)

Best wishes,
Altrea

Re: Apache CGI: Error Message

PostPosted: 17. February 2014 06:24
by bruce2012
Altrea, you are right, sorry... I forgot the older thread. Thank you