Hi Racer,
There should be a rolling set of logs available to you via shell.sonic.net (I think they map into /var/log/httpd/.) that has the full details, but I'll include the one matching log line for the 'adva' user in semi-redacted form here:
Code: Select all
zgrep -w adva /var/log/httpd/s********e.org/access_log.27.gz
241-189-85-x.ip.secqin.com s********e.org adva [06/Jan/2021:15:02:25 -0800] "GET / HTTP/1.1" 200 1121 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
It looks like you changed some things around between 1/6 and now, but I don't have backups/snapshots going that far back to compare, so I'm not sure how they were prompted for a username/password. I tried manually specifying a username using the 'curl' command line tool yesterday, but it doesn't seem to show up in the webalizer stats...
Code: Select all
curl http://s********e.org/site/ -u foo
So whatever let them load the non-protected part of the site seems to be fixed now.
-- Joe M
Sonic System Operations