httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Dobák <erik.do...@gmail.com>
Subject Re: [users@httpd] am i hacked ?
Date Tue, 07 Feb 2017 22:51:42 GMT
with the current number of critters around probably yes.
E

On 6 February 2017 at 23:05, Wim Lewis <wiml@omnigroup.com> wrote:

>
> On 2/6/2017 8:36 AM, Jack Swan wrote:
> > What upsets me is that these two requests have statuscode 200, which
> mean it was successfull.
>
> As Jonesy points out, it's normal for the web server to simply ignore a
> request's query-string in a request where it wouldn't mean anything. So
> Apache is happily returning the result of "GET /" and ignoring the
> malicious probe.
>
> If you don't have PHP installed, you're safe from whatever this is. If the
> user your webserver runs as can't write to the documentroot or
> configuration directory, you're safe from whatever this is.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Mime
View raw message