Which (Ubuntu, CentOS, etc.) is your server running?
Improper URI handling in mod_proxy allowed remote attackers to bypass security and access internal servers. apache httpd 2222 exploit
This article examines the real-world exploits, critical CVEs, and best practices for handling this popular yet obsolete web server. Which (Ubuntu, CentOS, etc
Because DirectAdmin uses port 2222, "Apache 2222 exploits" are frequently miscategorized attacks targeting the DirectAdmin control panel wrapper rather than the Apache web server itself. Legacy versions of control panels are susceptible to: Cross-Site Scripting (XSS) Remote Command Injection via administrative scripts apache httpd 2222 exploit
If you want, I can: