Red Hat Bugzilla – Bug 465215
logwatch "http" script, make "phpmyadmin" detection minimally less sensitive
Last modified: 2013-04-12 15:54:15 EDT
Description of problem:
We get regular (false positive) warning mails about somebody mirroring some DAG phpmyadmin RPMs from us..:
!!!! 2 possible successful probes
/dag/redhat/el4/en/i386/dag/RPMS/phpmyadmin-18.104.22.168-1.el4.rf.noarch.rpm HTTP Response 200
Modifying the "http" logwatch script slightly gets rid of these:
--- services/http~ 2008-10-02 09:00:57.000000000 +0200
+++ services/http 2008-10-02 09:41:26.000000000 +0200
@@ -157,3 +157,3 @@
To my understanding, any real use of phpmyadmin (if installed under this name) will involve accessing the individual php scripts installed under that path, i.e. include a directory separator in the URL.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. serve a phpmyadmin RPM
2. get warning mail from logwatch
The problem is already fixed in logwatch-7.3-6.el5.
Development Management has reviewed and declined this request. You may appeal
this decision by reopening this request.