I have a server that keeps getting random hits from itself, well the ip reads as 127.0.0.1. I know there are all sorts of programs that could be doing this, but the server is a bare minimum LAMP server with sendmail and monit. Recently I also installed APC for PHP acceleration. I'm baffled as to why this is happening, here is an example request from the access logs
domain.ext:80 127.0.0.1 - - [10/May/2014:22:51:56 -0400] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.2.22 (Ubuntu) (internal dummy connection)"
What does that mean? Is it normal? I don't think so. I haven't found a lot online about it, so I'm here asking, any insight into this log message and how to stop it would be appreciated. Thanks.
This is normal. Apache web server does it to keep it's threads alive that are waiting to accept new connections.
But as a rule of thumb to prevent unnecessary risks make sure you don't have all the modules enabled by default. Only enable modules that you need. Also I see that you are using apache 2.2 probably you should use the latest one 2.4.9 if you can update.
You can also run some tests on your server that checks some basic vulnerabilities like one provided by SSL labs
There are more commercial products available from Qualys and Nessus that can run scans.