On 2/6/2017 8:36 AM, Jack Swan wrote: > What upsets me is that these two requests have statuscode 200, which mean it was successfull. As Jonesy points out, it's normal for the web server to simply ignore a request's query-string in a request where it wouldn't mean anything. So Apache is happily returning the result of "GET /" and ignoring the malicious probe. If you don't have PHP installed, you're safe from whatever this is. If the user your webserver runs as can't write to the documentroot or configuration directory, you're safe from whatever this is. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx