Has my Apache been hacked?

Problems with the Linux version of XAMPP, questions, comments, and anything related.

Has my Apache been hacked?

Postby kaspencer » 29. March 2018 09:36

For the past few days I have noted a great many lines similar to that shown below, in my logs of one of my sites:

195.154.44.62 - - [28/Mar/2018:07:59:34 +0100] "GET / HTTP/1.1" 200 4995 "http://verbflexdabbfi.soup.io" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0"

The redirected address shown in the GET clause varies a bit between 4 or 5 different sites. Only one of three virtual domains are affected, not the entire server.
This looks like illegal activity, but I am not sure exactly what is happening. As a safety measure I have added the IP addresses to my deny list.

Does anyone have any ideas?

Thanks,

Kenneth Spencer
kaspencer
 
Posts: 1
Joined: 29. March 2018 09:28
XAMPP version: V2 Linux
Operating System: Windows 10 and Linux Raspian

Re: Has my Apache been hacked?

Postby Nobbie » 29. March 2018 16:45

I cannot see any illegal activity there.
Nobbie
 
Posts: 13170
Joined: 09. March 2008 13:04

Re: Has my Apache been hacked?

Postby MattPayne » 01. March 2021 01:45

Looks pretty fine in terms of bad activity
My website - https://www.scalr.ai/
MattPayne
 
Posts: 2
Joined: 20. February 2021 21:02
Location: Richmond, VA
XAMPP version: 1.7.7
Operating System: Windows 7 Ultimate SP1 64-Bit


Return to XAMPP for Linux

Who is online

Users browsing this forum: No registered users and 29 guests