Friday, May 29, 2020

Deny Apache access by public IP - Fix error "script not found or unable to stat"

If you noticed following error in Apache error.log:

[Sat May 30 05:47:30.731862 2020] [php7:error] [pid 18581] [client 188.131.234.5 :2359] script '/var/www/html/easybiny/elrekt.php' not found or unable to stat

And corresponding Apache access.log:

188.131.234.5 - - [20/May/2020:05:47:30 +0000] "GET /elrekt.php HTTP/1.1" 404 415 0 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" "[XF -]" 52.203.153.105

You will be noticing that user/crawler is trying to access via your public server IP - 52.203.153.105

To prevent this, you need to add the following vhost to your httpd.conf file and reload apache configs:

<VirtualHost *:80>
    ServerName 52.203.153.105
    Redirect 403 /
    ErrorDocument 403 "Access Denied"
    DocumentRoot /var/www/html/easybiny
    UseCanonicalName Off
    UserDir disabled
</VirtualHost>

You can now test with a simple curl:

curl 52.203.153.105/elrekt.php

Access Denied


Yes - you get 403 access denied and no more errors in logs.



No comments:

Post a Comment