Answer the question
In order to leave comments, you need to log in
Apache logs and real IP
Hello. Tell me on this issue: there is an apache log that indicates which ip they came in from and what they did. Could it be that the private section of the site could be entered from the ip of the host itself, while the logs indicate that the content of the page was changed precisely from the ip of the host?
Answer the question
In order to leave comments, you need to log in
Honestly, it's not entirely clear how the content of the page was changed through Apache?
It is possible that the shell was abandoned on your site, and changes in the code of the site pages were made through it, then the Shell script is located directly on the hosting server and the IP, respectively, of the server itself.
Maybe your page was hacked, for example, using dompdf and got to the system?
Or your script itself opens something on your page ...
Or 2 (or more) sites hang on the same hosting, and one visits the other (although the domains are different)
And to the question: “Can ...” the answer is: maybe.
This is the world of computer science, and it is big and colorful :-)
You made me think. I have never encountered this, so I want to determine for myself the steps that will help me find out the real ip of the "radish".
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question