Question

Understanding apache.error.log message?

Posted March 7, 2018 16.2k views
ApacheLoggingUbuntu 16.04

Hi,

My apache.error.log is listing lots of messages.

I’d really like to:

  • understand what they mean
  • if I should be concerned
  • and what (if anything) I can do to fix them?

Here’s some examples:

Example 1
What does AH01071: Got error 'Primary script unknown\n' mean? I guess the referer means this traffic came from a google search? Is that right?

[Wed Mar 07 10:25:13.091724 2018] [proxy_fcgi:error] [pid 23250:tid 139792931026688] [client 34.211.170.204:32229] AH01071: Got error 'Primary script unknown\n', referer: https://google.com

Example 2
Same as Example 1, but there’s no referer. This error is mentioned again: AH01071: Got error 'Primary script unknown\n'

[Wed Mar 07 10:25:41.486181 2018] [proxy_fcgi:error] [pid 23251:tid 139793179039488] [client 106.161.134.188:32235] AH01071: Got error 'Primary script unknown\n'

Example 3
Same AH01071: Got error 'Primary script unknown\n' referer is http://d3creative.uk/wp-login.php. This looks like someone is trying to visit that page (that domain doesn’t use WordPress).

[Wed Mar 07 10:45:26.724938 2018] [proxy_fcgi:error] [pid 23503:tid 139793162254080] [client 201.17.159.95:32443] AH01071: Got error 'Primary script unknown\n', referer: http://d3creative.uk/wp-login.php

Can these errors be fixed? If so, can anyone tell me how?

Thanks for reading
Stephen

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

Hi There,

From what I can find, it looks like there may be some configuration issues with Apache.
I would first start looking at any .htaccess files you may have.

Here is some relevant information:
http://www.coders.pro/2017/01/got-error-primary-script-unknown-update-php-fpm-apache-2-4/

Without knowing more about your setup and configuration, it’s difficult to pin point.

As for the examples containing referer, thats obviously someone trying to visit yourself by following a link from the referring site. The google.com one makes sense, but the http://d3creative.uk/wp-login.php seems odd.

Again, without knowing more about your setup, it’s hard to nail down. Perhaps you’re running a Wordpress site yourself and someone is “testing the security”.

Hi Adrian,

Thanks for taking the time to respond to my post.

I’ll take a look at that post you recommended. I do have a .htaccess file. It’d be great to get to the bottom of this.

Thanks again!

Submit an Answer