The junk that you will find in web access logs



If you have a website, you likely will look at your logs from time to time to see just who or how many people are visiting your site. I’ve certainly looked at a lot of logfiles both for my site and for others and thought I’d pass along some things you will likely see. For starters you are likely to see requests for pages that don’t exist. Even if you’ve never made changes to your site, you may see requests for files like ../../cmd.exe


I was at first amused when I saw this entry in my website logs. .exe files are windows executables and cmd.exe is basically windows command shell. My server was NOT windows, so I knew that not only would this file not be found, the vulnerability they were trying to exploit would fail. Sometimes you’ll see extremely long entries in your logs. For instance I’ve seen one lately, that looks like this SEARCH /x90x04Hx04Hx04H except it goes on and on for 3 pages worth of scrolling. My suspicion is that someones trying to do a “buffer overflow” attack. The result code was 414 (URL too large) which means that the attempt to overflow the buffer failed.

Another thing that I’ve found in my logs is in the referrer log. This referrer log can be useful in finding how people got to your site. Say that I had just got a link posted to my site on another website, then when people click on the link to visit my site I can see the “referrer” or the site that housed the link they clicked on. Unfortunately it’s possible to craft a request for the page that manufacturers an address. This is called referrer spam. For instance, I’ve found addresses of several porn sites in my referrer logs. I seriously doubt they have a link to my page. I’ve found recently I’m getting referrer spam from a “smokersteeth” website of some sort.

It’s worth mentioning that it’s probably worthwhile to password protect any web directories that might let you view your logs over the web to protect against being used as a way of advertising these sites. They may still show up in your logs as it’s pretty simple to automate a large batch of sites on the chance that someone’s going to see the link and visit. As I’ve discussed before, just because there are no links to something on your website doesn’t mean that it can’t be found. So, best practice is to password protect your log viewing pages.

Related Posts

Blog Traffic Exchange Related Posts
  • Preventing web crawlers from indexing everything Ok, so we've seen how to password protect directories to keep the web crawlers out, but I don't want to go through that. I want to keep the page open, but I don't want it spidered and indexed by the bots. There are ways for doing this too. In fact......
  • Protecting yourself from Phishing attacks OK - well if you know what phishing is. You may already be ahead of the game. By now you've probably seen the messages. From:security@yourbank.com to:youremailaddress@isp.com subject:Security breach of your account text: It has come to our attention that there have been numerous ip addresses attempting to access your account......
  • The war on terror on the web Since it's related to the web, I'll post it here. According to The Times Online (UK), tens of websites linked to Al-Qaeda have abruptly vanished from the web. Apparently, it's suspected that British Intelligence has had something to do with the closing of the sites which, among other things provided......
Blog Traffic Exchange Related Websites
  • eBook Fishing in California The Complete Guide to California Fishing Download Your 32 Page FREE eBook Are you planning a vacation to California? Looking for a better way to fish the more than 1000 lakes throughout this state? You'll find everything you need to know inside The Complete Guide to California Fishing! We've......
  • How To Get Back Links From Article Syndication And Get To The Top Of Google Every expert web marketer has learned that back links are commonly the key to a web page's success and getting to the top of a search engine's Search Results. Getting to the top means reaching the first two pages of Search Results. Fact is, only about 1% of all internet......
  • Post Submissions Assists Your Internet Site Ranking High Back-links is usually a concept describing to Internet links that time other folks toward your corporations webpages. Inbound links absolutely are a erect signal from the variation or use of that Web property. Back links at the moment are getting to be significantly substantial for Search engine marketing specialists mainly......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site