Forum Moderators: DixonJones
Saying that, I have some problems with log stats of one of my new clients: when I look at its log stats, I found that in last 3 months all the visits come from only 1 host!
It looked quite strange to me(?!), so I spent some time investigating the problem.
I look at the IP address of this host, and I found that it is the IP of the computer on which Symantec Enterprise VPN 7 is installed.
So, the situation is: the firewall blocks every requests to the web server, check each of them, and then re-send it to the web server, with the result that each requests come from the firewall.
Is there something to do for recovering the original hosts that visit my client's website?
Many thanks in advance.
I've always been a fan of hardware firewalls, Cisco PIX series in particular. Software firewalls aren't as reliable, and of course rely on a PC to operate. If that PC goes down, which they often do, you're offline until you either re-configure the PC and then re-install the software, or re-configure your entire network.
A hardware solution is much better, more customizable, and more stable. I've never had a Cisco PIX go down, ever.
Is there something to do for recovering the original hosts that visit my client's website?
Yes, the solution (client side data collection) is to place a snippet of javascript in each of your pages and have the code execute when the visitor has downloaded the page. As it runs in his browser you can retrieve details about his system (like IP number) and then ending it with an outbound call for a dummy.gif image on your own server pass the collected information on as a variable.
Most of the free counters on the web do this.
It is a free solution that doesn't require any change in the way you are analyzing now.
