Thread: Requests for non-local pages
View Single Post

  #5 (permalink)  
Old 03-05-2005
Jan Klaverstijn
 
Posts: n/a
Default Re: Requests for non-local pages
"NSpam" <chris.newey@gmail.com> schreef in bericht
news:Zr1Wd.290604$K7.260096@fe2.news.blueyonder.co .uk...
> HansH wrote:
>> "Jan Klaverstijn" <jan@klaverstijn.nl> schreef in bericht
>> news:422888f0$0$90482$dbd45001@news.euronet.nl...
>>
>>>I am running the following Apache:
>>>If I look at my access log, I see predominantly requests for pages that
>>
>> are
>>
>>>not even served by me. I am quite puzzled by this. Some samples are:
>>>"GET http://www.joshuastarling.com/index.php?p=162 HTTP/1.0"
>>>"GET
>>>
>>
>> http://www.epilot.com/searchresultsS...eme=bluedesign
>>
>>>HTTP/1.0"
>>>"GET
>>
>> http://z1.adserver.com/w/cp.x;rid=13...17;c=923;;nc=1
>>
>>>HTTP/1.0"
>>>
>>>The originating ip addresses differ greatly and are never internal
>>>(192.168.*). The requests receive a 404 response,
>>>but I hate the clutter of my logs
>>
>> Try conditional logging
>> http://httpd.apache.org/docs-2.0/logs.html#accesslog
>>
>> -if you want to clean the error_log too, try
>> http://httpd.apache.org/docs-2.0/logs.html#piped-
>>
>>
>>>and the overhead this causes to my server.
>>
>> Setting and testing the logging condition may increase the overhead...
>>
>>
>>>Obviously, all seem to be about the usual adware.
>>>Can someone tell me what's happening
>>
>> Some think your system is a proxy ...
>>
>>
>>>and how to stop this or
>>
>> You have no control over their thoughts -nor their PCs-.
>>
>>
>>>at least minimize the impact?
>>
>> AFAIK responsing 404 is the minimum impact.
>> If there is a firewall upfront, it might be able to block this kind of
>> requests.
>>
>> HansH
>>
>>
>>
> If you are serving remote pages via your web server then you have a
> configuration issue. Sounds like you are unintentionally running the
> webserver as a proxy. Severly bad move, check out your httpd.conf file.

No, certainly no proxy. It may be true however that somebody thinks I have
one and forwards requests to me. I will see what my allready busy firewall
can do. I could also check headers and make a 403 (forbidden) out of these
404's. Would that discourage the suspect?

Thanks,
Jan.