Understanding apache.error.log message?

March 7, 2018 15.3k views
Apache Logging Ubuntu 16.04
smeehan
By:
smeehan

Hi,

My apache.error.log is listing lots of messages.

I’d really like to:

  • understand what they mean
  • if I should be concerned
  • and what (if anything) I can do to fix them?

Here’s some examples:

Example 1
What does AH01071: Got error 'Primary script unknown\n' mean? I guess the referer means this traffic came from a google search? Is that right?

[Wed Mar 07 10:25:13.091724 2018] [proxy_fcgi:error] [pid 23250:tid 139792931026688] [client 34.211.170.204:32229] AH01071: Got error 'Primary script unknown\n', referer: https://google.com

Example 2
Same as Example 1, but there’s no referer. This error is mentioned again: AH01071: Got error 'Primary script unknown\n'

[Wed Mar 07 10:25:41.486181 2018] [proxy_fcgi:error] [pid 23251:tid 139793179039488] [client 106.161.134.188:32235] AH01071: Got error 'Primary script unknown\n'

Example 3
Same AH01071: Got error 'Primary script unknown\n' referer is http://d3creative.uk/wp-login.php. This looks like someone is trying to visit that page (that domain doesn’t use WordPress).

[Wed Mar 07 10:45:26.724938 2018] [proxy_fcgi:error] [pid 23503:tid 139793162254080] [client 201.17.159.95:32443] AH01071: Got error 'Primary script unknown\n', referer: http://d3creative.uk/wp-login.php

Can these errors be fixed? If so, can anyone tell me how?

Thanks for reading
Stephen

Sign In to Comment
2 Answers
AdrianStOnge March 20, 2018

Hi There,

From what I can find, it looks like there may be some configuration issues with Apache.
I would first start looking at any .htaccess files you may have.

Here is some relevant information:
http://www.coders.pro/2017/01/got-error-primary-script-unknown-update-php-fpm-apache-2-4/

Without knowing more about your setup and configuration, it’s difficult to pin point.

As for the examples containing referer, thats obviously someone trying to visit yourself by following a link from the referring site. The google.com one makes sense, but the http://d3creative.uk/wp-login.php seems odd.

Again, without knowing more about your setup, it’s hard to nail down. Perhaps you’re running a Wordpress site yourself and someone is “testing the security”.

Report
smeehan March 23, 2018

Hi Adrian,

Thanks for taking the time to respond to my post.

I’ll take a look at that post you recommended. I do have a .htaccess file. It’d be great to get to the bottom of this.

Thanks again!

Report
Have another answer? Share your knowledge.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Related