mardi 5 mai 2015

Django gunicorn nginx unidentified post request to some site

This is the part from gunicorn log file

[2015-05-06 11:48:17 +0000] [6197] [DEBUG] POST /composants/personnes/ajout_exterieur.cfc
[2015-05-06 08:18:18 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:19 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 11:48:20 +0000] [6188] [DEBUG] POST /composants/personnes/ajout_exterieur.cfc
[2015-05-06 08:18:20 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:21 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:22 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 11:48:22 +0000] [6197] [DEBUG] POST /composants/personnes/ajout_exterieur.cfc
[2015-05-06 08:18:23 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:24 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 11:48:25 +0000] [6197] [DEBUG] POST /composants/personnes/ajout_exterieur.cfc
[2015-05-06 08:18:25 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:26 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:27 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 11:48:28 +0000] [6194] [DEBUG] POST /composants/personnes/ajout_exterieur.cfc
[2015-05-06 08:18:28 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:29 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 11:48:30 +0000] [6182] [DEBUG] POST /composants/personnes/ajout_exterieur.cfc
[2015-05-06 08:18:30 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:31 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:32 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 11:48:33 +0000] [6182] [DEBUG] POST /composants/personnes/ajout_exterieur.cfc
[2015-05-06 08:18:33 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:34 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:35 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 11:48:35 +0000] [6188] [DEBUG] POST /composants/personnes/ajout_exterieur.cfc
[2015-05-06 08:18:36 +0000] [6173] [DEBUG] 9 workers
[2015-05-06 08:18:37 +0000] [6173] [DEBUG] 9 workers

it sends post to /composants/personnes/ajout_exterieur.cfc which i have no idea a little bit googling yielded this site http://ift.tt/1GOhMsr but it is down , i suspect some sort of DDOS attack is involved and my server would be used too .. there is no suspicious code in my project and it is inside a virtualenv I have installed the following python modules

Django==1.8
Pillow==2.8.1
amqp==1.4.6
anyjson==0.3.3
argparse==1.2.1
billiard==3.3.0.19
celery==3.1.17
django-celery==3.1.16
django-crispy-forms==1.4.0
gunicorn==19.3.0
jsonfield==1.0.3
kombu==3.0.24
psycopg2==2.6
pycrypto==2.6.1
pytz==2015.2
redis==2.10.3
requests==2.6.2
wsgiref==0.1.2

i don't know where to look .Is this a security threat?? Thanks!

Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)