Application Log Events and Software Security Recommendations

Colt405

New Member
I assume the exceptions are errors that the system can't resolve the request. That being said, what page is causing this flag and do i need to worry about these hits? I know that external port scans and attacks occur, is there a way to know what URL/Page they are trying to access on the MailWizz side or is this an error logged by the 404 (Unable to resolve request) function?

Are there any security/hardening strategies that are recommended on the application side as well as the server side? I didn't see a forum discussion on Security but I do think it is vital for integrity when integrating a piece of software like this one.

Currently, i am running multiple levels of security, .htaccess, directory scan for changes, ConfigServer Firewall (WHM/cPanel), CloudFlare DNS (medium security) and ConfigServer to CloudFlare Blocklist script.

Does anyone else have any recommendations when it comes to securing your installation?

From CWebApplication.php that throws error

PHP:
          throw new CHttpException(404,Yii::t('yii','Unable to resolve the request "{route}".',
                array('{route}'=>$route===''?$this->defaultController:$route)));

Sample From Application Log
Code:
2017/02/22 07:23:41 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "w00tw00t.at.blackhats.romanian.anti-sec:)".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('w00tw00t.at.bla...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/w00tw00t.at.blackhats.romanian.anti-sec:)
---
2017/02/22 07:23:42 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "phpMyAdmin/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('phpMyAdmin/scri...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/phpMyAdmin/scripts/setup.php
---
2017/02/22 07:23:43 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "phpmyadmin/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('phpmyadmin/scri...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/phpmyadmin/scripts/setup.php
---
2017/02/22 07:23:44 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "pma/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('pma/scripts/set...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/pma/scripts/setup.php
---
2017/02/22 07:23:45 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "myadmin/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('myadmin/scripts...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/myadmin/scripts/setup.php
---
2017/02/22 07:23:46 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "MyAdmin/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('MyAdmin/scripts...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/MyAdmin/scripts/setup.php
---
2017/02/22 07:23:47 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "PHPMYADMIN/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('PHPMYADMIN/scri...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/PHPMYADMIN/scripts/setup.php
---
2017/02/22 07:23:47 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "mysqladmin/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('mysqladmin/scri...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/mysqladmin/scripts/setup.php
---
2017/02/22 07:23:48 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "SQL/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('SQL/scripts/set...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/SQL/scripts/setup.php
 

twisted1919

Administrator
Staff member
That being said, what page is causing this flag and do i need to worry about these hits?
No need to worry about them. The end users will see very little info related to any type of error. The application logs contains much more info, but that is private.
Are there any security/hardening strategies that are recommended on the application side as well as the server side? I didn't see a forum discussion on Security but I do think it is vital for integrity when integrating a piece of software like this one.
You do what you do for any web app, there's nothing specific to mailwizz. By default we make the app pretty secure.

Currently, i am running multiple levels of security, .htaccess, directory scan for changes, ConfigServer Firewall (WHM/cPanel), CloudFlare DNS (medium security) and ConfigServer to CloudFlare Blocklist script.
Good measures.

directory scan for changes
Shameless plug, but you can automate this with: FileWizz.
 
Top