Forum Moderators: DixonJones
checking my online logs today I noticed a visitor who is looping through the same cycle of 10 images on one of my sites. The requests are a constant loop, it takes less than a second to loop through and then it starts again. So far today it's thousands of requests.
a sample log entry is :-
www.xxxxxxxxx 65.137.42.30 - - [17/Mar/2003:05:33:16 +0000] "GET /images/pic2.jpg HTTP/1.1" 304 - "http://www.xxxxxxxxx/xxxxxxx.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461; YComp 5.0.2.4)"
The return code is a 304 so nothing is being sent but it's impacting response times, so I added in a .htaccess to stop it, but that didn't work (see below) and now it's a 403 with data.
www.xxxxxxxxx 65.137.42.30 - - [17/Mar/2003:13:51:41 +0000] "GET /images/pic5.jpg HTTP/1.1" 403 665 "http://www.xxxxxxxxxxxx/xxxxxxx.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461; YComp 5.0.2.4)"
Has anybody got any suggestions (I tried suspendeding the site briefly but it's still coming back.
Cheers
Andy
That's what I did,
I put up an htaccess file with
Order Allow,Deny
Allow from all
Deny from 65.137.42.30
which is when the return code went from a 304 to a 403.
Regarding the abuse, I think it's more the dump bot has got itself caught in an infinite loop, and I want to break the cycle.
I run an apache web server with multiple sites.
I've currently got the htaccess file in the "web" directory of this specific site.
Where should I put it to stop it before it gets there?
