php curl requests present in log files

April 29, 2016 2.8k views
PHP Linux Commands Ubuntu 16.04

hi,i am managing my web app servers on digital ocean droplet.i recently saw access log files and come to know that from a unknown IP address a specific HTTP request is being targeted to my server and it has some instructions like killing all processes,making a specific file and also making a curl request to a specific IP address.i need help in this matter

1 Answer

Unless you see your server actually doing these things, I wouldn’t worry.

They are scanning your server for vulnerabilities. This happens all day, every day, and the longer you watch the logs, you’ll see this behavior more and more. The easiest option is to block them at the firewall. (ufw deny from THEIR_IP to any)

Have another answer? Share your knowledge.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!