Frank_Rizzo - 8:31 am on Jun 24, 2010 (gmt 0)
That's a lax attitude towards security :-)
Until the reason for the page GETs is known it is a threat and needs to be treated as such.
No-one has ruled out a forged IP, no-one has ruled out a third party infiltration of serps.
It may not be hurting now but it could turn around at any time and bite in the a**.
What if I did have a higheredjobs/login/ page? What if I did have an /admin/ directory? What if they start to crawl for other pages which I do have on the site?
Even if there is no 3rd party exploit attempt here it is still not right. For yahoo to be looking for the same page names as it's own sites pages seems to be a fault and faults should be rectified.
Until I know otherwise this is a threat to my site. I am now pursuing that line of action against Yahoo and it will be up to them to explain why attempts at retrieving sensitive pages on my site are emanating from their IP.