|Strange apache log entries|
| 2:19 pm on Feb 22, 2005 (gmt 0)|
I'm getting some curious log entries in the form:
"GET ht*p://www.mysite.com/file/name HTTP/1.0" 200 1234 (instead of "GET /file/name")
It seems to be a scaper and I've banned it, but I'm curious to know what it's doing to give this result in the logs.
Playing around with a browser, the closest I can make is:
"GET /ht*p://www.mysite.com/file/name HTTP/1.1" 404 (with a / before the http)
Thanks for any enlightenment.
| 7:33 pm on Feb 22, 2005 (gmt 0)|
It's a test to see if your server will function as a proxy. As long as your server returns a 404 response, you're OK.
| 8:07 pm on Feb 22, 2005 (gmt 0)|
Thanks for your reply, Jim.
The (shared) server is, in fact, returning a 200 - but it's valid pages on the same site that are being requested, so it would seem that someone is using my site as a proxy to access my site. Strange.
Forgive my ignorance: is there a simple way to see whether "www.mysite.com", which is on a shared server, can be used as a proxy to access other sites?
| 2:07 am on Feb 23, 2005 (gmt 0)|
into your browser address bar. If it gives you google, or if your server logs show a 200-OK, then your server will function as a proxy.
You can do a better test if you use a 'terminal emulator', but the above should suffice for a quick test.
| 2:58 am on Feb 23, 2005 (gmt 0)|
jdMorgan, you are wrong about that test. That won't work -- it won't translate to proxy request.
Just use telnet -- even windows have it, and it accepts ports too. Do "telnet yourserver.com 80", then enter:
GET [yourserver.com...] HTTP/1.0
You need to hit enter twice after the Host: -- to enter a blank line.
| 2:10 pm on Feb 23, 2005 (gmt 0)|
Thank you, gentlemen.
Using telnet www.mysite.com 80
I see log entries identical to those that were puzzling me if I get a page of my site. But if I try to get Google, I'm given a page of publicity for my web host, and no corresponding entry in my access log.
Nice to have my doubts cleared up.