Skip to content

SASL LOGIN authentication failed: generic failure

Moved Solved Linux
  • Hi,

    When I run “sudo systemctl restart apache2”

    It says: Job for apache2.service failed because the control process exited with error code.

    after I run “sudo journalctl -xe”

    It returns with a lot message, which are all the same, as following: I wonder is my server get attack by the following IP, “31.130.184.78”? 🙂

    I believe that I haven’t made any settings for my virtualmin server. Can anyone please tell me what are the basic settings to protect my server.

    Sep 19 18:13:35 domain.org postfix/smtpd[1097168]: warning: unknown[31.130.184.78]: SASL LOGIN authentication failed: generic failure
    Sep 19 18:13:35 domain.org postfix/sm~~strikethrough text~~tpd[1097168]: disconnect from unknown[31.130.184.78] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
    Sep 19 18:13:37 domain.org postfix/smtpd[1097238]: connect from unknown[31.130.184.78]
    Sep 19 18:13:38 domain.org postfix/smtpd[1097238]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directo>
    Sep 19 18:13:38 domain.org postfix/smtpd[1097238]: warning: unknown[31.130.184.78]: SASL LOGIN authentication failed: generic failure
    Sep 19 18:13:38 domain.org postfix/smtpd[1097238]: disconnect from unknown[31.130.184.78] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
    Sep 19 18:13:39 domain.org postfix/smtpd[1097168]: connect from unknown[31.130.184.78]
    Sep 19 18:13:40 domain.org sshd[1097503]: Connection reset by 218.92.0.201 port 11963 [preauth]
    Sep 19 18:13:41 domain.org sudo[1097507]: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory
    Sep 19 18:13:41 domain.org sshd[1097505]: Invalid user dock from 183.162.79.39 port 58916
    Sep 19 18:13:41 domain.org sshd[1097505]: pam_unix(sshd:auth): check pass; user unknown
    Sep 19 18:13:41 domain.org sshd[1097505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.162.79.39
    Sep 19 18:13:41 domain.org postfix/smtpd[1097168]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directo>
    Sep 19 18:13:41 domain.org postfix/smtpd[1097168]: warning: unknown[31.130.184.78]: SASL LOGIN authentication failed: generic failure
    Sep 19 18:13:42 domain.org postfix/smtpd[1097168]: disconnect from unknown[31.130.184.78] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
    Sep 19 18:13:43 domain.org postfix/smtpd[1097238]: connect from unknown[31.130.184.78]
    Sep 19 18:13:43 domain.org postfix/smtpd[1097238]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directo>
    Sep 19 18:13:43 domain.org postfix/smtpd[1097238]: warning: unknown[31.130.184.78]: SASL LOGIN authentication failed: generic failure
    Sep 19 18:13:43 domain.org postfix/smtpd[1097238]: disconnect from unknown[31.130.184.78] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
    Sep 19 18:13:43 domain.org sshd[1097505]: Failed password for invalid user dock from 183.162.79.39 port 58916 ssh2
    Sep 19 18:13:44 domain.org sudo[1097507]: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory
    Sep 19 18:13:44 domain.org sudo[1097507]:     user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/bin/journalctl -xe
    Sep 19 18:13:44 domain.org sudo[1097507]: pam_unix(sudo:session): session opened for user root by user(uid=0)
    
  • @ash3t postfix doesn’t have any bearing on Apache - they are different products. Is there anything specific in the Apache logs ?

    What you are seeing in the postfix logs is an authentication error when attempting to connect to postfix directly - probably from a previous connection that used the same ip addresses as you have assigned now.

    I wouldn’t be overly concerned by this presently, but it’s something you can just use fail2ban for which is installed as part of VirtualMin.

  • @phenomlab Thanks for your reply. Actually, my server is running on Nginx server.

    I notice that on the server information page, the virtual memory is 99% red circle. I thought if postfix is for SMTP so I turn off the email server. I guess this would hurt, if I am not planning to use any email service.

    However, after check the Nginx error log, this is what I got, does any of the following needs my concern? Thanks very much for your continuing help.

    2021/09/19 03:57:44 [error] 1043580#1043580: *2 open() "/home/domain/public_html/site/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 157.245.145.162, server: domain.net, request: "GET //site/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 03:57:44 [error] 1043580#1043580: *2 open() "/home/domain/public_html/cms/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 157.245.145.162, server: domain.net, request: "GET //cms/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 03:57:45 [error] 1043580#1043580: *2 open() "/home/domain/public_html/sito/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 157.245.145.162, server: domain.net, request: "GET //sito/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 03:57:51 [error] 1043580#1043580: *5 open() "/home/domain/public_html/remote/fgt_lang" failed (2: No such file or directory), client: 91.132.58.33, server: domain.net, request: "GET ///remote/fgt_lang?lang=/../../../..//////////dev/ HTTP/1.1", host: "178.128.230.236"
    2021/09/19 04:38:07 [error] 1043580#1043580: *25 open() "/home/domain/public_html/phpadmin" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "GET /phpadmin HTTP/1.1", host: "domain.net"
    2021/09/19 04:38:07 [error] 1043580#1043580: *25 open() "/home/domain/public_html/favicon.ico" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "GET /favicon.ico HTTP/1.1", host: "domain.net", referrer: "https://domain.net/phpadmin"
    2021/09/19 04:45:21 [error] 1043580#1043580: *67 open() "/home/domain/public_html/flarum/public" failed (20: Not a directory), client: 204.197.182.104, server: domain.net, request: "GET /flarum/public HTTP/1.1", host: "domain.net"
    2021/09/19 04:46:35 [error] 1043580#1043580: *72 open() "/home/domain/public_html/favicon.ico" failed (2: No such file or directory), client: 84.22.151.34, server: domain.net, request: "GET /favicon.ico HTTP/1.1", host: "domain.net"
    2021/09/19 04:46:36 [error] 1043580#1043580: *74 open() "/home/domain/public_html/favicon.ico" failed (2: No such file or directory), client: 85.209.163.221, server: domain.net, request: "GET /favicon.ico HTTP/1.1", host: "domain.net", referrer: "http://domain.net/favicon.ico"
    2021/09/19 04:46:37 [error] 1043580#1043580: *78 open() "/home/domain/public_html/favicon.ico" failed (2: No such file or directory), client: 179.61.183.160, server: domain.net, request: "GET /favicon.ico HTTP/1.1", host: "domain.net"
    2021/09/19 04:46:38 [error] 1043580#1043580: *80 open() "/home/domain/public_html/favicon.ico" failed (2: No such file or directory), client: 84.22.149.148, server: domain.net, request: "GET /favicon.ico HTTP/1.1", host: "domain.net", referrer: "http://domain.net/favicon.ico"
    2021/09/19 04:51:15 [error] 1043580#1043580: *91 open() "/home/domain/public_html/actuator/health" failed (2: No such file or directory), client: 192.241.210.230, server: domain.net, request: "GET /actuator/health HTTP/1.1", host: "178.128.230.236"
    2021/09/19 05:01:53 [error] 1054477#1054477: *5 open() "/home/domain/public_html/public/login" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "POST /login HTTP/1.1", host: "domain.net", referrer: "https://domain.net/"
    2021/09/19 05:02:02 [error] 1054477#1054477: *5 open() "/home/domain/public_html/public/login" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "POST /login HTTP/1.1", host: "domain.net", referrer: "https://domain.net/"
    2021/09/19 05:02:35 [error] 1054477#1054477: *5 open() "/home/domain/public_html/public/login" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "POST /login HTTP/1.1", host: "domain.net", referrer: "https://domain.net/"
    2021/09/19 05:02:53 [error] 1054477#1054477: *5 open() "/home/domain/public_html/public/login" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "POST /login HTTP/1.1", host: "domain.net", referrer: "https://domain.net/"
    2021/09/19 05:05:35 [error] 1054477#1054477: *12 open() "/home/domain/public_html/public/login" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "POST /login HTTP/1.1", host: "domain.net", referrer: "https://domain.net/"
    2021/09/19 05:07:19 [error] 1054477#1054477: *17 open() "/home/domain/public_html/public/register" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "POST /register HTTP/1.1", host: "domain.net", referrer: "https://domain.net/"
    2021/09/19 05:07:48 [error] 1054477#1054477: *17 open() "/home/domain/public_html/public/register" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "POST /register HTTP/1.1", host: "domain.net", referrer: "https://domain.net/"
    2021/09/19 05:10:19 [error] 1054477#1054477: *41 open() "/home/domain/public_html/public/login" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "POST /login HTTP/1.1", host: "domain.net", referrer: "https://domain.net/"
    2021/09/19 05:30:29 [crit] 1054477#1054477: *58 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client: 159.203.91.246, server: 178.128.230.236:443
    2021/09/19 05:43:29 [crit] 1054477#1054477: *74 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client: 64.62.197.182, server: 178.128.230.236:443
    2021/09/19 05:59:53 [error] 1054477#1054477: *81 open() "/home/domain/public_html/public/api/discussions/16" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "GET /api/discussions/16?bySlug=true&page[near]=0 HTTP/1.1", host: "domain.net", referrer: "https://domain.net/d/16"
    2021/09/19 06:00:01 [error] 1054477#1054477: *81 open() "/home/domain/public_html/public/api/discussions/15" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "GET /api/discussions/15?bySlug=true&page[near]=0 HTTP/1.1", host: "domain.net", referrer: "https://domain.net/d/15"
    2021/09/19 06:00:06 [error] 1054477#1054477: *81 open() "/home/domain/public_html/public/api/discussions/14" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "GET /api/discussions/14?bySlug=true&page[near]=0 HTTP/1.1", host: "domain.net", referrer: "https://domain.net/d/14"
    2021/09/19 07:10:48 [error] 1054477#1054477: *92 open() "/home/domain/public_html/public/favicon.ico" failed (2: No such file or directory), client: 111.224.249.156, server: domain.net, request: "GET /favicon.ico HTTP/1.1", host: "domain.net"
    2021/09/19 07:10:51 [error] 1054477#1054477: *93 open() "/home/domain/public_html/public/favicon.ico" failed (2: No such file or directory), client: 112.66.98.191, server: domain.net, request: "GET /favicon.ico HTTP/1.1", host: "178.128.230.236"
    2021/09/19 08:43:07 [error] 1054477#1054477: *106 open() "/home/domain/public_html/public/robots.txt" failed (2: No such file or directory), client: 176.74.192.85, server: domain.net, request: "GET /robots.txt HTTP/1.1", host: "domain.net", referrer: "http://yeedao.org/robots.txt"
    2021/09/19 08:43:08 [error] 1054477#1054477: *108 open() "/home/domain/public_html/public/humans.txt" failed (2: No such file or directory), client: 176.74.192.85, server: domain.net, request: "GET /humans.txt HTTP/1.1", host: "domain.net", referrer: "http://yeedao.org/humans.txt"
    2021/09/19 08:43:08 [error] 1054477#1054477: *110 open() "/home/domain/public_html/public/ads.txt" failed (2: No such file or directory), client: 176.74.192.85, server: domain.net, request: "GET /ads.txt HTTP/1.1", host: "domain.net", referrer: "http://yeedao.org/ads.txt"
    2021/09/19 10:18:47 [error] 1054477#1054477: *132 open() "/home/domain/public_html/public/owa/auth/x.js" failed (2: No such file or directory), client: 192.241.221.174, server: domain.net, request: "GET /owa/auth/x.js HTTP/1.1", host: "178.128.230.236"
    2021/09/19 10:23:03 [error] 1054477#1054477: *133 open() "/home/domain/public_html/public/owa/auth/logon.aspx" failed (2: No such file or directory), client: 192.241.209.88, server: domain.net, request: "GET /owa/auth/logon.aspx HTTP/1.1", host: "178.128.230.236"
    2021/09/19 10:25:35 [error] 1054477#1054477: *134 open() "/home/domain/public_html/public/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application" failed (2: No such file or directory), client: 192.241.216.61, server: domain.net, request: "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1", host: "178.128.230.236"
    2021/09/19 10:33:22 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:26 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/blog/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:26 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/web/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:26 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/wordpress/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:26 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/website/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //website/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:26 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/wp/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:26 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/news/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //news/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:26 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/2018/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //2018/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:26 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/2019/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //2019/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:27 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/shop/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:27 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/wp1/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //wp1/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:27 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/test/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //test/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:27 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/media/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //media/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:27 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/wp2/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //wp2/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:27 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/site/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //site/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:27 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/cms/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //cms/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 10:33:27 [error] 1054477#1054477: *136 open() "/home/domain/public_html/public/sito/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 51.116.118.30, server: domain.net, request: "GET //sito/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 12:33:14 [error] 1054477#1054477: *157 open() "/home/domain/public_html/public/owa/auth/logon.aspx" failed (2: No such file or directory), client: 192.241.213.51, server: domain.net, request: "GET /owa/auth/logon.aspx?url=https://1/ecp/ HTTP/1.1", host: "178.128.230.236"
    2021/09/19 12:59:30 [error] 1054477#1054477: *163 open() "/home/domain/public_html/public/robots.txt" failed (2: No such file or directory), client: 54.36.148.57, server: domain.net, request: "GET /robots.txt HTTP/1.1", host: "www.domain.net"
    2021/09/19 13:31:23 [error] 1054477#1054477: *184 open() "/home/domain/public_html/public/api/jsonws/invoke" failed (2: No such file or directory), client: 45.146.164.110, server: domain.net, request: "GET /api/jsonws/invoke HTTP/1.1", host: "domain.net", referrer: "http://178.128.230.236:80/api/jsonws/invoke"
    2021/09/19 13:31:33 [error] 1054477#1054477: *191 open() "/home/domain/public_html/public/solr/admin/info/system" failed (2: No such file or directory), client: 45.146.164.110, server: domain.net, request: "GET /solr/admin/info/system?wt=json HTTP/1.1", host: "domain.net", referrer: "http://178.128.230.236:80/solr/admin/info/system?wt=json"
    2021/09/19 13:31:34 [error] 1054477#1054477: *192 open() "/home/domain/public_html/public/wp-content/plugins/wp-file-manager/readme.txt" failed (2: No such file or directory), client: 45.146.164.110, server: domain.net, request: "GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1", host: "domain.net", referrer: "http://178.128.230.236:80/wp-content/plugins/wp-file-manager/readme.txt"
    2021/09/19 13:31:34 [error] 1054477#1054477: *195 "/home/domain/public_html/public/console/index.php" is not found (2: No such file or directory), client: 45.146.164.110, server: domain.net, request: "GET /console/ HTTP/1.1", host: "domain.net", referrer: "http://178.128.230.236:80/console/"
    2021/09/19 13:31:35 [error] 1054477#1054477: *196 open() "/home/domain/public_html/public/Autodiscover/Autodiscover.xml" failed (2: No such file or directory), client: 45.146.164.110, server: domain.net, request: "GET /Autodiscover/Autodiscover.xml HTTP/1.1", host: "domain.net", referrer: "http://178.128.230.236:80/Autodiscover/Autodiscover.xml"
    2021/09/19 13:31:35 [error] 1054477#1054477: *197 open() "/home/domain/public_html/public/_ignition/execute-solution" failed (2: No such file or directory), client: 45.146.164.110, server: domain.net, request: "GET /_ignition/execute-solution HTTP/1.1", host: "domain.net", referrer: "http://178.128.230.236:80/_ignition/execute-solution"
    2021/09/19 15:41:24 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/blog/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/web/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/wordpress/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/website/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //website/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/wp/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/news/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //news/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/2020/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //2020/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/2019/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //2019/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/shop/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/wp1/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //wp1/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/test/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //test/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/wp2/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //wp2/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/site/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //site/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/cms/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //cms/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 15:41:26 [error] 1054477#1054477: *229 open() "/home/domain/public_html/public/sito/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 137.184.50.70, server: domain.net, request: "GET //sito/wp-includes/wlwmanifest.xml HTTP/1.1", host: "domain.net"
    2021/09/19 17:40:41 [error] 1054477#1054477: *266 open() "/home/domain/public_html/public/api/discussions/16" failed (2: No such file or directory), client: 204.197.182.104, server: domain.net, request: "GET /api/discussions/16?bySlug=true&page[near]=0 HTTP/1.1", host: "domain.net", referrer: "https://domain.net/d/16"
    2021/09/19 18:04:42 [error] 1096535#1096535: *6 open() "/home/domain/public_html/public/robots.txt" failed (2: No such file or directory), client: 45.95.147.3, server: domain.net, request: "HEAD /robots.txt HTTP/1.0"
    2021/09/19 19:07:48 [error] 1096535#1096535: *33 open() "/home/domain/public_html/public/wordpress" failed (2: No such file or directory), client: 35.197.214.196, server: domain.net, request: "HEAD /wordpress HTTP/1.1", host: "yeedao.org"
    2021/09/19 19:07:53 [error] 1096535#1096535: *33 open() "/home/domain/public_html/public/wp" failed (2: No such file or directory), client: 35.197.214.196, server: domain.net, request: "HEAD /wp HTTP/1.1", host: "yeedao.org"
    2021/09/19 19:07:53 [error] 1096535#1096535: *33 open() "/home/domain/public_html/public/bc" failed (2: No such file or directory), client: 35.197.214.196, server: domain.net, request: "HEAD /bc HTTP/1.1", host: "yeedao.org"
    2021/09/19 19:07:53 [error] 1096535#1096535: *33 open() "/home/domain/public_html/public/bk" failed (2: No such file or directory), client: 35.197.214.196, server: domain.net, request: "HEAD /bk HTTP/1.1", host: "yeedao.org"
    2021/09/19 19:07:53 [error] 1096535#1096535: *33 open() "/home/domain/public_html/public/backup" failed (2: No such file or directory), client: 35.197.214.196, server: domain.net, request: "HEAD /backup HTTP/1.1", host: "yeedao.org"
    2021/09/19 19:07:53 [error] 1096535#1096535: *33 open() "/home/domain/public_html/public/old" failed (2: No such file or directory), client: 35.197.214.196, server: domain.net, request: "HEAD /old HTTP/1.1", host: "yeedao.org"
    2021/09/19 19:07:53 [error] 1096535#1096535: *33 open() "/home/domain/public_html/public/old-site" failed (2: No such file or directory), client: 35.197.214.196, server: domain.net, request: "HEAD /old-site HTTP/1.1", host: "yeedao.org"
    2021/09/19 19:07:53 [error] 1096535#1096535: *33 open() "/home/domain/public_html/public/oldsite" failed (2: No such file or directory), client: 35.197.214.196, server: domain.net, request: "HEAD /oldsite HTTP/1.1", host: "yeedao.org"
    2021/09/19 19:07:53 [error] 1096535#1096535: *33 open() "/home/domain/public_html/public/new" failed (2: No such file or directory), client: 35.197.214.196, server: domain.net, request: "HEAD /new HTTP/1.1", host: "yeedao.org"
    2021/09/19 19:07:53 [error] 1096535#1096535: *33 open() "/home/domain/public_html/public/main" failed (2: No such file or directory), client: 35.197.214.196, server: domain.net, request: "HEAD /main HTTP/1.1", host: "yeedao.org"
    2021/09/19 19:07:53 [error] 1096535#1096535: *33 open() "/home/domain/public_html/public/home" failed (2: No such file or directory), client: 35.197.214.196, server: domain.net, request: "HEAD /home HTTP/1.1", host: "yeedao.org"
    2021/09/19 19:52:11 [crit] 1096535#1096535: *55 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client: 192.241.217.26, server: 178.128.230.236:443
    2021/09/19 20:41:47 [error] 1096535#1096535: *61 open() "/home/domain/public_html/public/robots.txt" failed (2: No such file or directory), client: 45.95.147.3, server: domain.net, request: "HEAD /robots.txt HTTP/1.0"
    2021/09/19 20:47:33 [error] 1096535#1096535: *62 open() "/home/domain/public_html/public/manager/text/list" failed (2: No such file or directory), client: 192.241.209.153, server: domain.net, request: "GET /manager/text/list HTTP/1.1", host: "178.128.230.236"
    2021/09/19 21:23:45 [error] 1096535#1096535: *66 open() "/home/domain/public_html/public/boaform/admin/formLogin" failed (2: No such file or directory), client: 205.185.120.188, server: domain.net, request: "POST /boaform/admin/formLogin HTTP/1.1", host: "178.128.230.236:80", referrer: "http://178.128.230.236:80/admin/login.asp"
    2021/09/19 21:29:35 [error] 1096535#1096535: *67 open() "/home/domain/public_html/public/boaform/admin/formLogin" failed (2: No such file or directory), client: 209.141.46.56, server: domain.net, request: "POST /boaform/admin/formLogin HTTP/1.1", host: "178.128.230.236:80", referrer: "http://178.128.230.236:80/admin/login.asp"
    2021/09/19 21:52:23 [error] 1096535#1096535: *82 open() "/home/domain/public_html/public/boaform/admin/formLogin" failed (2: No such file or directory), client: 209.141.58.209, server: domain.net, request: "POST /boaform/admin/formLogin HTTP/1.1", host: "178.128.230.236:80", referrer: "http://178.128.230.236:80/admin/login.asp"
    2021/09/19 22:07:22 [error] 1096535#1096535: *85 open() "/home/domain/public_html/public/favicon.ico" failed (2: No such file or directory), client: 77.90.159.75, server: domain.net, request: "GET /favicon.ico HTTP/1.1", host: "domain.net"
    2021/09/19 22:07:23 [error] 1096535#1096535: *90 open() "/home/domain/public_html/public/favicon.ico" failed (2: No such file or directory), client: 5.180.35.100, server: domain.net, request: "GET /favicon.ico HTTP/1.1", host: "domain.net"
    2021/09/19 22:58:14 [error] 1096535#1096535: *110 open() "/home/domain/public_html/public/config/getuser" failed (2: No such file or directory), client: 107.189.31.252, server: domain.net, request: "GET /config/getuser?index=0 HTTP/1.1", host: "178.128.230.236:80"
    2021/09/19 23:13:56 [error] 1096535#1096535: *111 open() "/home/domain/public_html/public/pages/createpage-entervariables.action" failed (2: No such file or directory), client: 138.68.161.204, server: domain.net, request: "POST /pages/createpage-entervariables.action?SpaceKey=x HTTP/1.1", host: "178.128.230.236:80"
    2021/09/19 23:35:09 [error] 1096535#1096535: *120 open() "/home/domain/public_html/public/manager/html" failed (2: No such file or directory), client: 192.241.217.228, server: domain.net, request: "GET /manager/html HTTP/1.1", host: "178.128.230.236"
    2021/09/20 00:13:28 [error] 674#674: *18 "/home/domain/public_html/public/HNAP1/index.php" is not found (2: No such file or directory), client: 117.222.173.68, server: domain.net, request: "POST /HNAP1/ HTTP/1.0", host: "178.128.230.236:80"
    2021/09/20 00:22:37 [error] 674#674: *21 open() "/home/domain/public_html/public/boaform/admin/formLogin" failed (2: No such file or directory), client: 182.126.124.165, server: domain.net, request: "GET /boaform/admin/formLogin?username=adminisp&psd=adminisp HTTP/1.0"
    
  • @ash3t said in SASL LOGIN authentication failed: generic failure:

    2021/09/19 03:57:44 [error] 1043580#1043580: *2 open() “/home/domain/public_html/site/wp-includes/wlwmanifest.xml” failed (2: No such file or directory), client: 157.245.145.162, server: domain.net, request: “GET //site/wp-includes/wlwmanifest.xml HTTP/1.1”, host: “domain.net

    Sorry - either Apache, or NGINX - Postfix has no bearing on either.

    For the error messages logged, this is not a cause for concern - unless you are indeed running WordPress, in which case, this is indicative of a reconnaissance scan against the IP address you are using. More often than not, IP addresses are recycled, so they used to exist with perhaps a WordPress installation under the control of someone else who has since decided to no longer use that particular service. The IP address they used has been returned to an available pool of addresses post their cancellation, but for the scanners out there, this is still a viable target hence what you see in the logs.

    If you are not running WordPress, you can safely ignore these errors as they are harmless. However, your server’s performance will suffer as a result if this continues. My recommendation would be to block the IP address concerned using Fail2Ban or FirewallD (the default firewall in Webmin unless you switched it out for something else)

    I notice that on the server information page, the virtual memory is 99% red circle. I thought if postfix is for SMTP so I turn off the email server. I guess this would hurt, if I am not planning to use any email service.

    Postfix isn’t usually a memory killer - is the amount of available RAM on that server low ? You may need to increase it, or perhaps disable unused modules in Webmin. I wouldn’t recommend disabling Postfix as this service is used as a dependency for other services (they rely on it running).

  • phenomlabundefined phenomlab moved this topic from Vulnerability on
  • @Ash3T I’m going to mark this post as solved as I’ve not heard from you in a while. Let me know if this isn’t the case and you need more help.

  • phenomlabundefined phenomlab has marked this topic as solved on
  • phenomlabundefined phenomlab unlocked this topic on

Did this solution help you?
Did you find the suggested solution useful? Why not buy me a coffee? It's a nice gesture, and a great way to show your appreciation💗