Application Log Events and Software Security Recommendations

Colt405

Colt405

New Member
I assume the exceptions are errors that the system can't resolve the request. That being said, what page is causing this flag and do i need to worry about these hits? I know that external port scans and attacks occur, is there a way to know what URL/Page they are trying to access on the MailWizz side or is this an error logged by the 404 (Unable to resolve request) function?

Are there any security/hardening strategies that are recommended on the application side as well as the server side? I didn't see a forum discussion on Security but I do think it is vital for integrity when integrating a piece of software like this one.

Currently, i am running multiple levels of security, .htaccess, directory scan for changes, ConfigServer Firewall (WHM/cPanel), CloudFlare DNS (medium security) and ConfigServer to CloudFlare Blocklist script.

Does anyone else have any recommendations when it comes to securing your installation?

From CWebApplication.php that throws error
PHP: 
          throw new CHttpException(404,Yii::t('yii','Unable to resolve the request "{route}".',
                array('{route}'=>$route===''?$this->defaultController:$route)));

Sample From Application Log
Code: 
2017/02/22 07:23:41 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "w00tw00t.at.blackhats.romanian.anti-sec:)".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('w00tw00t.at.bla...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/w00tw00t.at.blackhats.romanian.anti-sec:)
---
2017/02/22 07:23:42 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "phpMyAdmin/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('phpMyAdmin/scri...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/phpMyAdmin/scripts/setup.php
---
2017/02/22 07:23:43 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "phpmyadmin/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('phpmyadmin/scri...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/phpmyadmin/scripts/setup.php
---
2017/02/22 07:23:44 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "pma/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('pma/scripts/set...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/pma/scripts/setup.php
---
2017/02/22 07:23:45 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "myadmin/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('myadmin/scripts...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/myadmin/scripts/setup.php
---
2017/02/22 07:23:46 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "MyAdmin/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('MyAdmin/scripts...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/MyAdmin/scripts/setup.php
---
2017/02/22 07:23:47 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "PHPMYADMIN/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('PHPMYADMIN/scri...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/PHPMYADMIN/scripts/setup.php
---
2017/02/22 07:23:47 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "mysqladmin/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('mysqladmin/scri...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/mysqladmin/scripts/setup.php
---
2017/02/22 07:23:48 [error] [exception.CHttpException.404] exception 'CHttpException' with message 'Unable to resolve the request "SQL/scripts/setup.php".' in /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /home/emailw1za4d/public_html/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('SQL/scripts/set...')
#1 /home/emailw1za4d/public_html/apps/common/framework/base/CApplication.php(185): CWebApplication->processRequest()
#2 /home/emailw1za4d/public_html/apps/init.php(227): CApplication->run()
#3 /home/emailw1za4d/public_html/index.php(18): require_once('/home/emailw1za4d...')
#4 {main}
REQUEST_URI=/SQL/scripts/setup.php
 
Colt405 said:
That being said, what page is causing this flag and do i need to worry about these hits?
Click to expand...
No need to worry about them. The end users will see very little info related to any type of error. The application logs contains much more info, but that is private.
Colt405 said:
Are there any security/hardening strategies that are recommended on the application side as well as the server side? I didn't see a forum discussion on Security but I do think it is vital for integrity when integrating a piece of software like this one.
Click to expand...
You do what you do for any web app, there's nothing specific to mailwizz. By default we make the app pretty secure.

Colt405 said:
Currently, i am running multiple levels of security, .htaccess, directory scan for changes, ConfigServer Firewall (WHM/cPanel), CloudFlare DNS (medium security) and ConfigServer to CloudFlare Blocklist script.
Click to expand...
Good measures.

Colt405 said:
directory scan for changes
Click to expand...
Shameless plug, but you can automate this with: FileWizz.
 
You must log in or register to reply here.
Back
Top