• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Unauthorized access to psa / admin folder

ChrisCP

Basic Pleskian
Hello everyone,

While looking through the logs I noticed that an unknown IP address tried to access the folder usr / local / psa / admin / htdocs.

The log shows:
Code:
2021/03/07 19:39:39 [error] 1542#0: *303 open() "/usr/local/psa/admin/htdocs/Autodiscover/Autodiscover.xml" failed (2: No such file or directory), client: 45.155.205.225, server: , request: "POST /Autodiscover/Autodiscover.xml HTTP/1.1", host: "x.x.x.x:8443"
2021/03/07 20:41:25 [error] 1542#0: *304 open() "/usr/local/psa/admin/htdocs/api" failed (2: No such file or directory), client: 162.142.125.39, server: , request: "GET /api HTTP/1.1", host: "x.x.x.x:8443"
2021/03/08 12:20:23 [error] 1542#0: *1416 open() "/usr/local/psa/admin/htdocs/Autodiscover/Autodiscover.xml" failed (2: No such file or directory), client: 45.155.205.225, server: , request: "POST /Autodiscover/Autodiscover.xml HTTP/1.1", host: "x.x.x.x:8443"

How can it be that someone has access to these folders?
How can I prevent this?
 
I'm guessing that's normal behavior. /htdocs is likely a web root, so all someone is doing is accessing a url that doesn't exist in it. Not entirely familiar with it's purpose though. Maybe someone else can clarify
 
Back
Top