The junk that you will find in web access logs



If you have a website, you likely will look at your logs from time to time to see just who or how many people are visiting your site. I’ve certainly looked at a lot of logfiles both for my site and for others and thought I’d pass along some things you will likely see. For starters you are likely to see requests for pages that don’t exist. Even if you’ve never made changes to your site, you may see requests for files like ../../cmd.exe


I was at first amused when I saw this entry in my website logs. .exe files are windows executables and cmd.exe is basically windows command shell. My server was NOT windows, so I knew that not only would this file not be found, the vulnerability they were trying to exploit would fail. Sometimes you’ll see extremely long entries in your logs. For instance I’ve seen one lately, that looks like this SEARCH /x90x04Hx04Hx04H except it goes on and on for 3 pages worth of scrolling. My suspicion is that someones trying to do a “buffer overflow” attack. The result code was 414 (URL too large) which means that the attempt to overflow the buffer failed.

Another thing that I’ve found in my logs is in the referrer log. This referrer log can be useful in finding how people got to your site. Say that I had just got a link posted to my site on another website, then when people click on the link to visit my site I can see the “referrer” or the site that housed the link they clicked on. Unfortunately it’s possible to craft a request for the page that manufacturers an address. This is called referrer spam. For instance, I’ve found addresses of several porn sites in my referrer logs. I seriously doubt they have a link to my page. I’ve found recently I’m getting referrer spam from a “smokersteeth” website of some sort.

It’s worth mentioning that it’s probably worthwhile to password protect any web directories that might let you view your logs over the web to protect against being used as a way of advertising these sites. They may still show up in your logs as it’s pretty simple to automate a large batch of sites on the chance that someone’s going to see the link and visit. As I’ve discussed before, just because there are no links to something on your website doesn’t mean that it can’t be found. So, best practice is to password protect your log viewing pages.

Related Posts

Blog Traffic Exchange Related Posts
  • Protecting access to web directories with htaccess Okay, in an earlier article I was looking at uses of Google that might reveal things you don't want revealed about your website. Maybe a test directory that you don't want to be spidered. I want to say that it's not possible to keep it hidden just by NOT linking......
  • How much is it worth to you to have a responsive website? How can I say this.... this is one of the worst ideas I think I've heard this week from an ISP. (Maybe in a long time, but I'd have to think on that a few minutes.) An executive at Bellsouth thinks that ISP's ought to be able to charge certain......
  • Google Analytics under the microscope I've spent some time this evening looking at Google Analytics. (Now the data is being collected.) And I've got to say I'm impressed with the scope of what I'm seeing. First, since last night, more stats have been collected, there seem to be some missing from today yet (maybe ~12......
Blog Traffic Exchange Related Websites
  • Search Engine Optimization For Dummies Many people have said to me that they can't afford to employ a SEO company, but they would still like to get better search results on Google, Yahoo and MSN searches. Are there any basic rules that they can follow to improve their ranking on search engine results pages (SERPs)?......
  • Tactics For Putting Together A Diversified Inlink Profile Most niches are so competitive, that on web page search engine optimization and excellent content is no longer adequate to rank properly inside the search engines. To achieve large positions in search engine outcomes, you require back back links. Not just do you have to have back backlinks, but you......
  • Virtual Assistants - The Way To Get Valuable Links For Your Site Virtual assistants discuss that links are essentially on-line votes for your own internet site. As you get more votes, your site is seen more favorably by the search engines and you also enjoy higher rankings. All of those links can have more or less importance. When you get linked to......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site