Hello guys. I got this from OSSEC and I have no idea whats going on. Mod evasive didn't block it and I don't even get what its trying to accomplish to be honest... This site is probably an old version of cs cart...
Received From: plesk->/var/log/httpd/error_log
Rule: 1002 fired (level 2) -> "Unknown problem somewhere in the system."
Portion of the log(s):
[Thu Jul 05 21:41:23 2012] [warn-phpd] mmap cache can't open /var/www/vhosts/somedomain.org/httpdocs/var/compiled/mail/%%B2^B27^B27F06E6%%order_notification_subj.tpl.php - Permission denied (pid 19211)
[Thu Jul 05 21:41:23 2012] [warn-phpd] mmap cache can't open /var/www/vhosts/somedomain.org/httpdocs/var/compiled/mail/%%5A^5AF^5AFE5E7B%%order_notification.tpl.php - Permission denied (pid 19211)
warn-phpd permission denied
warn-phpd permission denied
Hello IT.
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: warn-phpd permission denied
That doesnt look like an attack, that looks like a misconfiguration. This:
Looks like the domain is setup to generate php opcode and to store it in the subdirectory /var/compiled/mail/, and it cant open the compiled opcode in that directory. Are the permissions on that directory setup to allow your webserver to read (and probably also write) to/from that directory?mmap cache can't open /var/www/vhosts/somedomain.org/httpdocs/var/compiled/mail/%%B2^B27^B27F06E6%%order_notification_subj.tpl.php - Permission denied (pid 19211)
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
Re: warn-phpd permission denied
mikeshinn wrote:That doesnt look like an attack, that looks like a misconfiguration. This:
Looks like the domain is setup to generate php opcode and to store it in the subdirectory /var/compiled/mail/, and it cant open the compiled opcode in that directory. Are the permissions on that directory setup to allow your webserver to read (and probably also write) to/from that directory?mmap cache can't open /var/www/vhosts/somedomain.org/httpdocs/var/compiled/mail/%%B2^B27^B27F06E6%%order_notification_subj.tpl.php - Permission denied (pid 19211)
Changed it to 755. Probably it was a permissions issue ...
Hello IT.
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego