Join Log in
Score:1
avatar Server

How to find installation of apache

ru flag
Dennis

I have a server running Ubuntu 20.04.3 LTS (Focal Fossa). It is at IP address 192.168.1.12

When I use a web browser to access 192.168.1.12, a NextCloud login appears. This is all well and good except that I have not (purposely) installed NextCloud. When I connect to port 80 using telnet:

When I connect to the server via telnet on port 80 for more information:

> telnet 192.168.1.12 80
Trying 192.168.1.12...
Connected to 192.168.1.12.
Escape character is '^]'.
head / http/1.0
HTTP/1.1 400 Bad Request
Date: Mon, 14 Mar 2022 17:24:15 GMT
Server: Apache
Content-Length: 226
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
</body></html>
Connection closed by foreign host.

When I run apt list --installed, there is no reference to nextcloud and no reference to apache:

> apt list --installed | egrep -i 'apache|next'

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

dennis@r2d2:/etc/init.d   03/14 13:26:49

Looking in /etc I don't see any folder named apache2 (or similar) and no folder named similarly to nextcloud.

So I'm confused as to how this is all working. How can I identify the location of the webserver and begin taking control of what it offers?

lsof (thanks, @djdomi) shows the following:

root@r2d2:~# netstat -anp | grep apache
root@r2d2:~# lsof -i :80
COMMAND       PID USER   FD   TYPE    DEVICE SIZE/OFF NODE NAME
Plex\x20M     834 plex   62u  IPv4 158905392      0t0  TCP r2d2.lovelady.com:56860->ec2-52-16-11-44.eu-west-1.compute.amazonaws.com:http (CLOSE_WAIT)
Plex\x20T    1670 plex   75u  IPv4     32467      0t0  TCP r2d2.lovelady.com:50452->ec2-18-203-176-12.eu-west-1.compute.amazonaws.com:http (CLOSE_WAIT)
httpd     1358151 root    3u  IPv4 157704069      0t0  TCP *:http (LISTEN)
httpd     1358153 root    3u  IPv4 157704069      0t0  TCP *:http (LISTEN)
httpd     1358154 root    3u  IPv4 157704069      0t0  TCP *:http (LISTEN)
httpd     1358155 root    3u  IPv4 157704069      0t0  TCP *:http (LISTEN)
httpd     2958297 root    3u  IPv4 157704069      0t0  TCP *:http (LISTEN)

Again thanks to @djdomi I ran the following command; looks like Plex may be the culprit I'm looking for, but still no real answer to the original question:

root@r2d2:/etc/init.d# ps auxwww |egrep '834|1670'
plex         834  0.2  0.3 118780 75268 ?        Ssl  Jan31 131:48 /usr/lib/plexmediaserver/Plex Media Server
plex        1670  0.0  0.0  42192 12528 ?        Sl   Jan31  51:51 /usr/lib/plexmediaserver/Plex Tuner Service /usr/lib/plexmediaserver/Resources/Tuner/Private /usr/lib/plexmediaserver/Resources/Tuner/Shared 1.24.2.4973-2b1b51db9 32600

The paths shown just contain a bunch of .ini files.

24
0 + 0
djdomi avatar
za flag
djdomi
you may want to use `lsof -i :80` remind that it can aldo run as a container like socker or lxc
0
Reply
ru flag
Dennis
Thanks @djdomi - lsof (when logged in as root) returns several lines - among them are references to Plex\x20M and Plex\x20T ... but nothing that helps me understand the location of Apache. I've added the results to the question.
0
Reply
djdomi avatar
za flag
djdomi
look for pid 834,1670 you can use `ps auxwww` for it
0
Reply
ru flag
Dennis
Thanks again @djdomi - updated again.
0
Reply
djdomi avatar
za flag
djdomi
dennis, how many hints do you need more? :P use apt now for this. This site is for Professional Users. Some help to identify a problem but you should be able to identify a program that is installed. remins that apt-file is also a nice helper ;)
0
Reply
ru flag
Dennis
@djdomi - Please define "Professional Users." If it means someone who already knows everything, then the purpose of the site in the first place, is a matter of question. I'm sorry that I don't (know everything) --- I don't see enough information in this interaction to determine THE LOCATION OF APACHE or whatever web server is running. I do know that PLEX is installed - that was not the question.
0
Reply
djdomi avatar
za flag
djdomi
ok, the lazy way: `apt install apt-file && apt-file update && apt-file search /usr/lib/plexmediaserver/` This site is for Business Administrators or running a Business. Home and Enduser has to use superuser.com, that is what it it meaned
0
Reply
ru flag
Dennis
@djdomi Gotcha. I will request closing of this question of possible, and ask again on superuser. StackOverflow's recent influx of single-purpose servers has more than just me confused. Having said that, thank you very much (mean it) for the hints and your attention and some guidance.
0
Reply
djdomi avatar
za flag
djdomi
you just need to flag it for movement ;) however, you will find with the commands above the package name for removing - and even its offtopic you get a +1 from me ;)
0
Reply
ru flag
Dennis
Actually, what I found is that that command tries to install more stufff.... libapt-pkg-perl libexporter-tiny-perl liblist-moreutils-perl libregexp-assemble-perl and apt-file libapt-pkg-perl libexporter-tiny-perl liblist-moreutils-perl libregexp-assemble-perl Thanks though.
0
Reply
djdomi avatar
za flag
djdomi
Let us [continue this discussion in chat](https://chat.stackexchange.com/rooms/134766/discussion-between-djdomi-and-dennis).
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.