Premature end of script headers: index.php

postcd

• October 27, 2014 08:36

Hello, on an WHM server in i see error "Premature end of script headers: index.php" (nothing else, no mentioning on which cpanel account) It is there repeatedly and always like 20 times and all in one second, each from another IP. Please how to discover which script on server does this? When i looked up one of the client IPs mentioned in the error log entry in apache access logs: grep -Ril IPHERE /usr/local/apache/domlogs i found its mentioned many times acros many cpanel accounts, and the IPs belongs to a crawler How can i globally block this crawler on WHM please ? Adding this: RewriteEngine On RewriteCond %{HTTP_USER_AGENT} ^MJ12bot [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^MJ12bot2 [NC] RewriteRule .*

• 

  cPanelMichael

  • October 28, 2014 14:53

  Hello :) Have you considered blocking the offending IP address in your firewall? Thank you.

  0
• 

  postcd

  • October 28, 2014 15:36

  That is not what i asked, it is many different IPs.

  0
• 

  cPanelMichael

  • October 28, 2014 18:26

  I have moved this thread to our "Security" forum where you are likely to receive more user-feedback on the custom Mod_Rewrite rules you are seeking. Thank you.

  0
• 

  quizknows

  • October 28, 2014 18:53

  Not a rewrite rule, but an easy modsec rule anyway SecRule HTTP_User-Agent "MJ12bot" "deny,status:406,id:3857264" This would block any user agent with MJ12bot anywhere in it, including MJ12bot2

  0

Please sign in to leave a comment.