php curl requests present in log files

April 29, 2016 362 views
Linux Commands PHP Ubuntu 16.04

hi,i am managing my web app servers on digital ocean droplet.i recently saw access log files and come to know that from a unknown IP address a specific HTTP request is being targeted to my server and it has some instructions like killing all processes,making a specific file and also making a curl request to a specific IP address.i need help in this matter

1 Answer

Unless you see your server actually doing these things, I wouldn't worry.

They are scanning your server for vulnerabilities. This happens all day, every day, and the longer you watch the logs, you'll see this behavior more and more. The easiest option is to block them at the firewall. (ufw deny from THEIR_IP to any)

Have another answer? Share your knowledge.