Does Superman open a method request to apache when supermon is running?

I am seeing access by 12.7.0.0.1 to the Apache with the options * method.

Is this standard behavior with Superman?

My sense is t his is often used as a probe to determine vulnerabilities in a web server.

Thanks!

OPTIONS is used legitimately by many applications to determine CORS (Cross-Origin Resource Sharing (CORS) - HTTP | MDN) and HTTP options. In Supermon’s case, it’s either jQuery (client) or server.php doing this.

Fair enough BUT under further testing:

  • if I connect to the main Superman page: (http://ip_addr/supermon

  • login

  • then select the node

this request is not made AND everything works fine.

If I:

  • connect to the node page: http://ip_addr/supermon/link.php?nodes=node_number

  • login

the 127.0.0.1 option method request is made.

Further if the supermon node page is left open with the user logged in than about midnight the option method request also appears to be made.

It seems very odd.

if your running HAMVOIP then Supermon2 v 1.2 is the latest version. Supermon is designed to work with HAMVOIP. Allmon works with Allstar. you can upgrade it. just go to this group.io message area and ask the author. supermon2@groups.io | Home