Apache Web-Serving with Mac OS X: Part 2
Subject:   questionable log entries
Date:   2003-10-02 09:55:53
From:   jmedley
I found the following log entries in access_log and am not sure what they are.... - - [02/Oct/2003:01:34:42 -0500] "GET HTTP/1.1" 200 6962 - - [02/Oct/2003:02:23:21 -0500] "GET HTTP/1.1" 200 6962 - - [02/Oct/2003:02:24:18 -0500] "GET HTTP/1.1" 200 6962 - - [02/Oct/2003:02:25:44 -0500] "GET HTTP/1.1" 404 314 - - [02/Oct/2003:02:27:40 -0500] "GET HTTP/1.1" 200 6962

Is someone going to other sites through my site?


Full Threads Oldest First

Showing messages 1 through 2 of 2.

  • questionable log entries
    2003-12-14 14:41:20  anonymous2 [View]

    No. From my experience, this does not mean you are an available open proxy: the 200 is misleading.
    The response size is always 6962, which is most likely to be your homepage (check against normal homepage requests), the exception is the jsp file request, which is responding with a 404 due to journals/query/subscriberSearch.jsp not existing on _your_ server. If they had requested a file that did exist on your server, for example mylogo.gif this would have returned that file (tested this on my apache 2.0.48-win32 server).
    Situation: your server is not being used as an open proxy and the request is being parsed so that becomes / returning files from your server, not the remotes as presumed.
    This is happening to many, do a google on "GET" to check out what others have to say.
  • questionable log entries
    2003-11-01 07:04:10  anonymous2 [View]

    Indeed - it looks like you're running an open proxy on that server and whoever is at has found it. seem to be a common test address in use for checking for open proxies.

    If this access should not ba allowed (i.e. is not an address you wish to proxy for) reconfigure your proxy server to return a 4xx (e.g. 404 or 403) error.

    Example from my log: - - [01/Nov/2003:14:32:00 +0000] "GET HTTP/1.1" 403 2898 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)"

    Hope this helps,