Apache

Last week I was asked the following question:

“Is there any way that you can find out which hosts or IP addresses have been accessing your Apache Web Server the most?”

The answer to this question is “YES!”.

Apache maintains an access log file, its default location is in the Apache logs directory, but this can be defined in the Apache httpd.conf file. The “out of the box” location  for the Apache distribution with CentOS/= and RHEL 6 and 7 is: /etc/httpd/logs/access_log. Here is an example of the the default log entries for this file:

In its out of the box configuration you may find that CentOS Linux has iptables configured to prevent inbound HTTP requests.

You can add access for inbound HTTP requests on port 80 with the following command:

iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp -dport 80 -j ACCEPT

Line 4 of the iptables -L output now shows that http is allowed inbound from anywhere: