For some of our on-premise applications run on a Linux server, a penetration test tool will automatically scan for vulnerabilities in the software. One of the actions it performs is a scan of commonly used files for web applications, such as wp-login.php or cgi-bin/admin.cgi. Logically these files do not exist for Mendix applications. Yet, trying to navigate to this file will yield an error in the log file, such as: Connector: 404 - file not found for file: wp-login.php We will find a lot of these errors on a daily basis, while these errors have actually nothing to do with the application itself. They are not affecting the application in any way, but these list of errors is polluting the log file nevertheless. Is there a way to hide these errors from appearing the log, or at least change the log level from error to something like a trace?
asked
Glenn Cörvers
2 answers
1
Hey Glenn,
We have seen this as well on our end before. Do you happen to use CKEditor in your application? We have found that it trying to access images or file links written in the text can cause these log messages.
I think the only way to hide them would be to modify the CKEditor code to try and remove where it is logging from, or switch to a different rich text editor.
answered
Christopher Kukla
0
Hi Glenn, we are having the same issue here. How can we find out what widget is causing this? Since we do not use the CKEditor.