Control Web Panel

WebPanel => Apache => Topic started by: moln4r on March 26, 2019, 05:47:45 PM

Title: Stats shows visitors from my own ip
Post by: moln4r on March 26, 2019, 05:47:45 PM

Hi,

I'm trying to find out what's happening for days now, but no luck.
I'm really a noob, just started with my own server about 2 months ago. The situation is I see 30-60 users all the time on one of my sites (wordpress) and statcounter shows half of them coming from my servers own ip (!) the other half is from various "google" ips.
When I restart the server the problem disappears for 8-10 hours, than it comes back.

I ceaned wordpress, scanned with multiple tools, removed all unnecessary plugins, checked the plugin files manually... nothing. Also used all scanning tools in cwp (pro) and nothing found. I really don't know what else I can do.

Some info on my setup:
Application Version:
    Apache version: Apache/2.4.34
    PHP version: 7.2.16 [PHP Switcher]
    MySQL version: 10.1.38-MariaDB
    FTP version: 1.0.47

System Info:
    CPU Model: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
    CPU Details: 8 Core (3600 MHz)
    Distro Name: CentOS Linux release 7.6.1810 (Core)
    Kernel Version: 3.10.0-957.10.1.el7.x86_64
    Platform: x86_64 [Dedicated]


CWP info:
    CWPpro version: 0.9.8.788

Anyone have any idea?

Thanks.

Title: Re: Stats shows visitors from my own ip
Post by: studio4host on March 27, 2019, 08:45:41 PM

you need to check mod_rpaf configuration in apache conf.d folder

Title: Re: Stats shows visitors from my own ip
Post by: moln4r on March 28, 2019, 05:24:59 PM

Hi, thanks for the suggestion!

I can't find any configuration named " mod_rpaf"

in: / usr / local / apache / conf.d /
I have two folders:
limits
vhosts

and files named:
 empty.conf
 server-status.conf
 webmail.conf   
 domain-redirects.conf
 system-redirects.conf
 suphp.conf   
 autossl_proxy.conf
 limits.conf
 vhosts.conf
 ssl.conf

I checked them all, but doesn't saw any suspicious.

Title: Re: Stats shows visitors from my own ip
Post by: Netino on April 03, 2019, 01:54:49 AM

So, you can create the file /usr/local/apache/conf.d/rpaf.conf (change [YOUR-IP-ADDRESS] with the correct information) with the following content:

Code: [Select]

<IfModule !mod_rpaf.c>
LoadModule rpaf_module modules/mod_rpaf.so
</IfModule>
RPAF_Enable On
RPAF_ProxyIPs 127.0.0.1 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 [YOUR-IP-ADDRESS]
RPAF_SetHostName On
RPAF_SetHTTPS On
RPAF_SetPort On
RPAF_ForbidIfNotProxy Off
RPAF_Header X-Forwarded-For

Regards,
Netino