ZC-10149 - whm-server-status requests
Hi, i'm using litespeed and i've noticed in my /var/log/apache/error_log lines like :
[127.0.0.1:34460] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34466] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34468] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34472] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34474] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34478] File not found [/var/www/html/whm-server-status]
[127.0.0.1:34488] File not found [/var/www/html/whm-server-status]
In /var/log/apache2/access_log i get :
127.0.0.1 - - [20/Mar/2019:09:14:17 +0200] "GET /whm-server-status HTTP/1.1" 404 10073 "-" "HTTP-Tiny/0.070"
I have almost 1 request every 1-2 seconds to both log files.
I dont know if that requests come from some cpanel service that is trying to check if apache is up or something about apache status, or someone runs scripts in order to use the security problem posted some time ago for cpanel's apache whm-server-status (hosting.review/news/cpanel-vulnerability/).
If that request comes from cpanel service, how can i disable it, as it's logging (hard disk i/o without reason) too many lines?
If it's not coming from cpanel, is there a way to check which user is trying to connect (user domain logs dont have requests to that url)?
best regards,
-
Hello @dzamanakos, LiteSpeed does not support the use of the whm-server-status page and thus "File not found" errors are reported in the error log whenever a cPanel & WHM feature that relies on the page attempts to access it. It's used across multiple features, so there's no way to easily disable those local access attempts at this time. We do have a internal case open (ZC-4828) to explore removing the reliance on whm-server-status. There's no time frame to offer at this time, but I'll update this thread more information on it's status as it becomes available. Thank you. 0 -
I am also waiting for a solution to this problem! 0 -
Just wanted to add that allowing many non-error lines in the access and error log files can make it more difficult for customers to find genuine errors. A solution could block server status in a special way that does not cause Apache to record a message in its logs. This would require coordination between the Apache and cPanel organizations, but would not require redesign of cPanel. 0 -
I have this problem too. Logs filling up with: localhost - - [05/Jun/2021:20:40:05 -0400] "GET / HTTP/1.0" 200 163 "-" "-" localhost - - [05/Jun/2021:20:45:01 -0400] "GET /whm-server-status HTTP/1.0" 200 50783 "-" "-" localhost - - [05/Jun/2021:20:46:16 -0400] "GET / HTTP/1.0" 200 163 "-" "-" localhost - - [05/Jun/2021:20:50:01 -0400] "GET /whm-server-status HTTP/1.0" 200 50778 "-" "-" localhost - - [05/Jun/2021:20:52:12 -0400] "GET / HTTP/1.0" 200 163 "-" "-" localhost - - [05/Jun/2021:20:55:01 -0400] "GET /whm-server-status HTTP/1.0" 200 50777 "-" "-" localhost - - [05/Jun/2021:21:00:01 -0400] "GET /whm-server-status HTTP/1.0" 200 50690 "-" "-" localhost - - [05/Jun/2021:21:00:01 -0400] "GET / HTTP/1.0" 200 163 "-" "-" localhost - - [05/Jun/2021:21:05:02 -0400] "GET /whm-server-status HTTP/1.0" 200 51198 "-" "-" localhost - - [05/Jun/2021:21:06:18 -0400] "GET / HTTP/1.0" 200 163 "-" "-" localhost - - [05/Jun/2021:21:10:01 -0400] "GET /whm-server-status HTTP/1.0" 200 51142 "-" "-" localhost - - [05/Jun/2021:21:11:21 -0400] "GET / HTTP/1.0" 200 163 "-" "-" localhost - - [05/Jun/2021:21:15:02 -0400] "GET /whm-server-status HTTP/1.0" 200 51111 "-" "-" localhost - - [05/Jun/2021:21:17:21 -0400] "GET / HTTP/1.0" 200 163 "-" "-" localhost - - [05/Jun/2021:21:20:01 -0400] "GET /whm-server-status HTTP/1.0" 200 51095 "-" "-" localhost - - [05/Jun/2021:21:25:01 -0400] "GET /whm-server-status HTTP/1.0" 200 51148 "-" "-" localhost - - [05/Jun/2021:21:26:19 -0400] "GET / HTTP/1.0" 200 163 "-" "-" localhost - - [05/Jun/2021:21:30:01 -0400] "GET /whm-server-status HTTP/1.0" 200 51171 "-" "-" localhost - - [05/Jun/2021:21:35:01 -0400] "GET /whm-server-status HTTP/1.0" 200 51177 "-" "-" localhost - - [05/Jun/2021:21:36:19 -0400] "GET / HTTP/1.0" 200 163 "-" "-" localhost - - [05/Jun/2021:21:40:01 -0400] "GET /whm-server-status HTTP/1.0" 200 51175 "-" "-" localhost - - [05/Jun/2021:21:45:01 -0400] "GET /whm-server-status HTTP/1.0" 200 51136 "-" "-" localhost - - [05/Jun/2021:21:46:20 -0400] "GET / HTTP/1.0" 200 163 "-" "-" localhost - - [05/Jun/2021:21:50:01 -0400] "GET /whm-server-status HTTP/1.0" 200 51080 "-" "-" localhost - - [05/Jun/2021:21:55:01 -0400] "GET /whm-server-status HTTP/1.0" 200 51081 "-" "-" localhost - - [05/Jun/2021:21:56:20 -0400] "GET / HTTP/1.0" 200 163 "-" "-" localhost - - [05/Jun/2021:22:00:01 -0400] "GET /whm-server-status HTTP/1.0" 200 51130 "-" "-" 0 -
I've added a comment to the original case and let the web server development team know about this. I currently don't have any other details, but if I hear something I'll be sure to post. 0 -
Getting these too and clutters up triage haha. Would be really much appreciated to have this ignored when lsws is installed with whm... would just, make sense right? Thank you for the hard work, cheers! 0 -
I've reached out to the team, although it's still a bit early here. I'll post back when I hear an update. 0 -
I've reached out to the team, although it's still a bit early here. I'll post back when I hear an update.
Oh sweet! Didn't think the response would be so speedy! Not a rush type thing, just a helpful clean up false positive in the log type thing. But definitely think it's been asked about for over 2yrs, so I'd love to help get something figured out so we can put this little nuance behind us haha. I know there's a million other important things, but little stuff like this adds up for your company as well, when people like us recommended your system because it is so well taken care of specifically with lsws. I think having a corner on optimizing lsws would be a pretty awesome strategy. So far from my education this is quite on the top and why I have stuck with cpanel for the last 6 years on my lsws.0 -
I just wanted to post an update that I haven't heard back from this on my end yet. Hopefully I'll have more to share soon! 0 -
I just wanted to post an update that I haven't heard back from this on my end yet. Hopefully I'll have more to share soon!
Bummer! Thanks for the update0 -
Update - the team plans to have a discussion about this next week, so I won't have anything until probably Wednesday or Thursday. 0 -
Update - the team plans to have a discussion about this next week, so I won't have anything until probably Wednesday or Thursday.
Kool, sounds good. Let me know how that comes out! Thank you for your time.0 -
This caused some good discussion on our end, and I have some updates. Originally the plan was the deprecate mod_status and replace it with something else. However, our team found that it gets referenced and used in several other areas of the product, so that would not be an ideal solution. We also considered the feature request mentioned above that would allow server administrators to just disable mod_status, but due to the same reasons above, that could lead to odd behavior elsewhere. At this point, the plan is to leave mod_status but just make it less chatty so it doesn't log nearly as often to the log. There's an internal development case for this so I'll be sure to post an update once I have more details. I'm hoping this gets some action in Q3 of this year, but it could be into Q4. 0 -
Ask about this in 2019, and today 11/01/2022 when I was analyzing my logs and I saw this problem again remember this post and I came to check it out, but apparently today there is no solution right? Do you have any predictions? 0 -
Let me reach out to the team and I'll see where this is at! 0 -
Our team is potentially looking at getting to this in the first half of next year. 0 -
Our team is potentially looking at getting to this in the first half of next year.
Dang, thanks for the update, but that's a bit off in the distance haha. I know I don't understand how complex things are on the back end, but seems like a simple explude the error if the server flags as litespeed at surface... Where are all the interns! Haha. But now Reading the other guy's post that he mentioned this back in 2009, I now think it's pretty unacceptable. This is certainly a more simple type situation in my humble opinion. It's simply removing an error in an error log, I'm no coder, but definitely doesn't need like a whole refactoring of the code or anything from My surface level Understanding. Anymore details into something more meaningful, perhaps from the engineers, would probably help us understand things a lot more. And make it a lot more frustrating when we day-to-day have to sift through these issues that are erroneously showing up in error logs. Like many things, I can only imagine the thousands of people that don't even take the effort to come here and post, It's just us few that feel like actually trying to get some kind of positive change on something that come here and take our time and effort to put in on the issue. I think it would be very prudent to make that a little bit more of a low hanging fruit Quick knockout, makes many of your customers happy, especially for the guy that's been waiting three years... It's the little things sometimes ya know?0 -
@RevivalTech - while it likely is a minor change, it does affect the web server and the cPanel interface, so there is still much testing that needs to happen with both our developers and our QA team, so the process may not be as simple as you'd expect. From what we've seen, this is also affecting a small subset of cPanel users, as this thread has been open since 2019 and we're just now on the second page of replies, with about half those replies coming from cPanel support. The project is definitely on our radar, but larger fixes and features have taken some priority from the team specific to this project. I'll be sure to post an update once I have more info to share. 0 -
[QUOTE="cPRex, postagem: 2953417, membro: 586151"> Nossa equipe est" olhando potencialmente para chegar a isso no primeiro semestre do pr"ximo ano. [/CITAR] Ok Tankyou! 0 -
Using the LiteSpeed server, our logs are full of noise. Would be nice to file this issue away as solved. 127.0.0.1 - - [08/Apr/2023:17:00:04 +0000] "GET /whm-server-status HTTP/1.0" 404 70255 "-" "-" 127.0.0.1 - - [08/Apr/2023:17:02:24 +0000] "GET /whm-server-status HTTP/1.0" 404 70255 "-" "-" 127.0.0.1 - - [08/Apr/2023:17:02:56 +0000] "GET /whm-server-status HTTP/1.0" 404 70255 "-" "-" 127.0.0.1 - - [08/Apr/2023:17:03:02 +0000] "GET /whm-server-status HTTP/1.0" 404 70255 "-" "-" 127.0.0.1 - - [08/Apr/2023:17:03:42 +0000] "GET /whm-server-status HTTP/1.0" 404 70255 "-" "-" 127.0.0.1 - - [08/Apr/2023:17:05:02 +0000] "GET /whm-server-status HTTP/1.0" 404 70255 "-" "-" 0 -
i as well would still like to see this cleaned up... 0 -
Here we are, 6 years later, and this is still an issue...
0 -
Alright, I spoke with the team about this and we figured out a few things:
-since this is an issue when LiteSpeed is present, we've moved this to be an upstream case, as their team should ultimately be the ones handling it.
-you can do the following as a workaround in the mean time by adding the following code to the pre_main_global include file for Apache: https://docs.cpanel.net/whm/service-configuration/include-editor/
RewriteRule ^/whm-server-status$ - [E=dontlog:1]
0
Please sign in to leave a comment.
Comments
26 comments