Hi,
Last night the LAMP server that serves our Drupal install crashed. It had too may available processes and ran out of memory. Reduced the number of available Apache processes and everything settled down. Early this morning the server crashed again from what looked like a hack attempt. Data center directed the offending IP to NULL?? Problem solved. Server is behaving.
In looking at the log files I find two things that I need help understanding. Please understand I am not a Drupal developer - I am just responsible for it....
I'm seeing a bunch of 403 errors for trying to access /node/add - is this a new exploit? What is this?
Also I am seeing lines that contain the following:
xx.xx.xx.xx - - [02/Dec/2014:02:40:32 -0800] "POST /httprl_async_function_callback?count=2 HTTP/1.0" 200 486 "-" "Drupal (+http://drupal.org/)"
xx.xx.xx.xx - - [02/Dec/2014:02:40:32 -0800] "POST /httprl_async_function_callback?count=1 HTTP/1.0" 200 502 "-" "Drupal (+http://drupal.org/)"
xx.xx.xx.xx - - [02/Dec/2014:02:40:32 -0800] "POST /httprl_async_function_callback?count=1 HTTP/1.0" 200 502 "-" "Drupal (+http://drupal.org/)"
xx.xx.xx.xx - - [02/Dec/2014:02:40:32 -0800] "POST /httprl_async_function_callback?count=1 HTTP/1.0" 200 502 "-" "Drupal (+http://drupal.org/)"
xx.xx.xx.xx - - [02/Dec/2014:02:40:32 -0800] "POST /httprl_async_function_callback?count=1 HTTP/1.0" 200 502 "-" "Drupal (+http://drupal.org/)"
xx.xx.xx.xx - - [02/Dec/2014:02:40:32 -0800] "POST /httprl_async_function_callback?count=2 HTTP/1.0" 200 486 "-" "Drupal (+http://drupal.org/)"
Any idea what this is?
Thank you so much for your help!!
--
Keith Smith
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss