php curl requests present in log files

April 29, 2016 2.2k views
Linux Commands PHP Ubuntu 16.04
abdurleo91
By:
abdurleo91

hi,i am managing my web app servers on digital ocean droplet.i recently saw access log files and come to know that from a unknown IP address a specific HTTP request is being targeted to my server and it has some instructions like killing all processes,making a specific file and also making a curl request to a specific IP address.i need help in this matter

Log In to Comment
1 Answer
JonsJava April 29, 2016

Unless you see your server actually doing these things, I wouldn't worry.

They are scanning your server for vulnerabilities. This happens all day, every day, and the longer you watch the logs, you'll see this behavior more and more. The easiest option is to block them at the firewall. (ufw deny from THEIR_IP to any)

Reply
Have another answer? Share your knowledge.

Related Questions