Apache Server Status for ask.com (ask.com)
71 points by dewey on April 7, 2017 | hide | past | favorite | 24 comments



Hi, just FYI, I found this, probably someone posted it because a colleague at Golem.de wrote about it today after I told him:

https://www.golem.de/news/datenschutz-ask-com-zeigt-auf-apac...

I tried to inform ask.com and my colleague tried again. No reaction.


Hah, I always suspected that authors of Golem.de are visiting HN. Congratulations on your finding! It is sad that Ask.com did not react. I thought that journalists would have a better chance to provoke responses.


My favourite: "q=letter+to+my+boyfriend+in+jail+talking+dirty&l=dir&q"


Wow, somebody is searching 3D dad baby incest. Good to know ....


Kink shaming? Is that a thing here?


Hey, what if my kink is kink shaming?


A surprisingly large amount of search queries are "You+have+no+items+in+your+shopping+cart", "Powered+by+Zen+Cart+%22Would+you+like+to+log", "%22site+magento%22+inurl%3A%2Findex.php%2Fadmin", "%22By+zen+cart%22++site%3A.de&" etc.

Seems like a bug in some shopping portal package, but it's still very weird.


It looks like searches for signatures of known vulnerable web apps.


I'm seeing tonnes of searches for revslider, so I would agree with this.


So apart from the fact this should be there; how did someone find this in the first place?

From my quick looking around - it seems that Apache has "/server-status" as a module - so you could hit all domains via a bit and see if any have it turned on?


Well, yes. That's what I did.


It seems you can go country specific as well, e.g.

https://uk.ask.com/server-status


Is this page meant to be publicly accessible? Seems odd to me that they would reveal what people are searching for in real time like this.


It's Apache mod_status. It's definitely accidental.


I would even call it negligent.


At least they have mod_info disabled. I've seen so many people accidentally open both to the world.


Although it doesn't seem to have any identifiable info, it still seems like way too much info to be publicly accessible. Not just the searches, but the PIDs, the Apache version, etc. This seems like it should be behind a firewall or only internally accessible.
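The comments above boil down to a configuration mistake: mod_status is enabled and the `/server-status` location is reachable from the internet, with ExtendedStatus turned on so every worker's current request line (including the search query) is listed. The following is an added illustration, not the thread's or ask.com's configuration; it assumes Apache httpd 2.4 with mod_status loaded, and the `10.0.0.0/8` monitoring range is a placeholder to replace with your own. The two `<Location>` blocks are shown side by side for comparison and would not both be kept in one running configuration.

```apacheconf
# Added example (assumes Apache httpd 2.4 with mod_status loaded).

# --- Weak: what an accidentally public status page looks like ---
# ExtendedStatus On makes the scoreboard list each worker's client address and
# full request line, query string included, which is exactly what leaked here.
ExtendedStatus On
<Location "/server-status">
    SetHandler server-status
    Require all granted
</Location>

# --- Hardened: same handler, reachable only from the host itself or from a
#     monitoring network, and without per-request detail ---
# ExtendedStatus is server-wide; Off still gives the worker scoreboard and
# connection counters that most monitoring needs, without request lines.
ExtendedStatus Off
<Location "/server-status">
    SetHandler server-status
    # 'Require local' matches loopback and the server's own interface addresses.
    # 10.0.0.0/8 is a placeholder for a monitoring subnet; replace it with yours.
    Require local
    Require ip 10.0.0.0/8
</Location>
```

Place the hardened block in the main server configuration rather than in a single virtual host: a `<Location>` in the global scope is inherited by every vhost, which matters on a site where the same page is also reachable on regional hostnames. After reloading, a request for `/server-status` from outside the allowed ranges should return 403 rather than the status page.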


Some of these searches are pretty funny...

There is a pretty high concentration of searches for serial numbers.


I emailed their CIO to report the issue.



Found the kid goofing off in the school computer lab: /web?q=fun+games+that+are+not+blocked

In all seriousness, this is a disaster -- I'm sure there are already people scraping this page to grab this data.


q=PAUL+GRAHAM+HAS+TITS HTTP/1.1


my fav: GET /web?q=Tom+Hanks+Thinks+His+Butt+Was+A+Beautiful+Thing+To+B


my favorite: /web?q=recording+people+having+sex+audio&qo=pagination&qid=



