Apache access log shows these attack requests
Norberto Meijome
freebsd at meijome.net
Wed Jun 13 16:43:47 UTC 2007
On Wed, 13 Jun 2007 10:50:20 -0400
"Bob" <bob at a1poweruser.com> wrote:
Hi Bob, please learn how to quote in a reply to a message - it's pretty hard to
figure out who's written what otherwise.
> I checked with ls -l command and I have no pages 7036 in size.
(hmm... does those bytes include the headers et al ? if they do, then u should
be looking for something else other than 7036 in the filesystem...anyway...
> My question
> is why is apache servicing a request for "\x04\x01", this is not a valid
> request in first place.
maybe if you show us your apache config it would be easier to figure out what
you allow or not. To make it simpler, the DEFAULT config in apache (with no
mod_proxy) is quite secure wrt access to / .
> You wrote "because I disallow 'no referrer'
> plus 'no browser' ("-" "-") connects from non-local addresses, blocking
> heaps of rogue robots"
> Could you give me a example of the httpd.config coding you used for this?
> These denied requests get logged in the access.log, I would think they
> should be logged in the error.log.
well, they are not an error from apache's POV, are they? they get served OK :)
therefore, access. (the fact that you dont like it doenst make it less "correct"
for Apache ;)
B
_________________________
{Beto|Norberto|Numard} Meijome
"The whole problem with the world is that fools and fanatics are always so
certain of themselves, but wiser people so full of doubts." Bertrand Russell
I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
Warned.
More information about the freebsd-questions
mailing list