We can trace the user responsible for high web server resource usage by the folowing command ————————— cat /etc/httpd/logs/access_log | grep mp3 cat /etc/httpd/logs/access_log | grep rar cat /etc/httpd/logs/access_log | grep wav etc cat /etc/httpd/logs/access_log | grep 408 can be used to check for DDOS attacks on the server. cat /etc/httpd/logs/access_log | grep rar ————————— [...]
Authentication attempts: Location : /var/log/secure Description : Logs all daemons which requires PAM Authentication, it also logs actions performed in cPanel that require privilege escalation.. Tracking all Bad Logins and Logouts: Location : /var/log/btmp Description : Log of all attempted bad logins to the system. Accessed via the lastb command.. Tracking all Logins and Logouts: [...]
MySQL General Information and Errors : Location : /var/lib/mysql/$(hostname).err Description : This path could vary, but is generally located in /var/lib/mysql. Could also be located at /var/log/mysqld.log
FTP Logins and General Errors: Location : /var/log/messages Description : General information and login attempts are logged here.. FTP Transactions logging: Location : /var/log/xferlog or /var/log/messages Description : Is a symbolic link in most cases to /usr/local/apache/domlogs/ftpxferlog, which contains a history of the transactions made by FTP users...