• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Nginx error log spam: connicon.cgi not found

Scheduled Pinned Locked Moved webGUI
5 Posts 4 Posters 1.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P
    pdwalker
    last edited by Mar 24, 2017, 7:03 AM

    I'm getting the following error message in the nginx and system error logs:

    2017/03/24 14:52:55 [error] 93654#100248: *7 open() "/usr/local/www/cgi-bin/MANGA/connicon.cgi" failed (2: No such file or directory), client: 10.10.1.172, server: , request: "GET /cgi-bin/MANGA/connicon.cgi?type=favicon HTTP/1.1", host: "10.10.1.1"

    Does anyone else have this problem?  Does anyone have an idea how to shut it off as it's annoying.  The above ip address is the firewall itself.

    I'm running version 2.3.3-RELEASE-p1

    Thanks in advance for your help.

    1 Reply Last reply Reply Quote 0
    • G
      Gertjan
      last edited by Mar 24, 2017, 9:54 AM

      @pdwalker:

      request: "GET /cgi-bin/MANGA/connicon.cgi?type=favicon HTTP/1.1", host: "10.10.1.1"
      Does anyone else have this problem?  Does anyone have an idea how to shut it off as it's annoying.  The above ip address is the firewall itself.

      Look again at the request.
      It comes in on 10.10.1.1. I guess you know who that is. Again : the request comes IN on that interface from 'some one'.
      Easy solution => take out the network cable on that interface …. and you will notice that the requests stop ... ;)

      Because : some LAN device is hammering these request into your pfSense. Locate this device, shut it down. Case closed :)

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      1 Reply Last reply Reply Quote 0
      • K
        kpa
        last edited by Mar 24, 2017, 12:44 PM

        Avast antivirus/firewall is (was?) notorious for doing that kind of probes on the gateway to discover potentially vulnerable versions of the device firmware. Worth checking. The other likely possibility is that you have a malware/virus running on that LAN host.

        1 Reply Last reply Reply Quote 0
        • P
          pdwalker
          last edited by May 8, 2017, 7:02 AM

          @Gertjan:

          @pdwalker:

          request: "GET /cgi-bin/MANGA/connicon.cgi?type=favicon HTTP/1.1", host: "10.10.1.1"
          Does anyone else have this problem?  Does anyone have an idea how to shut it off as it's annoying.  The above ip address is the firewall itself.

          Look again at the request.
          It comes in on 10.10.1.1. I guess you know who that is. Again : the request comes IN on that interface from 'some one'.
          Easy solution => take out the network cable on that interface …. and you will notice that the requests stop ... ;)

          Because : some LAN device is hammering these request into your pfSense. Locate this device, shut it down. Case closed :)

          Sorry, I've been away for a while.

          The .172 address is my PC, and the .1 address is the firewall.

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by May 8, 2017, 7:11 AM

            As said above, it has nothing to do with pfSense. The request is coming from your PC.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received