1. Home
  2. Forums Index
  3. WebmasterWorld / Website Analytics - Tracking and Logging 9:06 am May 14, 2026

Forum Moderators: DixonJones

Message Too Old, No Replies

strange url

         

stevelibby

6:18 pm on Jun 8, 2008 (gmt 0)

10+ Year Member



hi i wonder if someone here can help, i keep finding this in my log files:
2008-06-07 02:40:18 W3SVC167224293 10.216.12.111 POST /http:/www.'partdomain' - 80 - 61.146.64.146 HTTP/1.0 Mozilla/3.0+(compatible;+Indy+Library) ASPSESSIONIDAABASDAQ=FHBBDDNACIENCJOLGJJLACHO - 404 0 2 1819 299 93

i cannot seem to find where its coming from?

Staffa

8:50 pm on Jun 8, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



If you mean where the IP is from, then 61.146.nnn.nnn is from China(net)

stevelibby

9:01 pm on Jun 8, 2008 (gmt 0)

10+ Year Member



no, its the post? and the url its asking for? is it a link from in my site?

Staffa

9:26 pm on Jun 8, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Some badly configured bot trying to spam ?

Indy+Library does not have a good reputation.

Receptional Andy

9:35 pm on Jun 8, 2008 (gmt 0)



The + symbol in the user agent is also a clue to misconfiguration. It looks like someone playing hacker and not doing too well at it. There are various other indy library posts [google.co.uk] dating back to 2001[/url]! If you're security conscious, block any accesses from this agent.

Edit: shocking grammar

[edited by: Receptional_Andy at 10:04 pm (utc) on June 8, 2008]

stevelibby

9:36 pm on Jun 8, 2008 (gmt 0)

10+ Year Member



i am getting many many requests from this bot, how can i stop this annoying git. i am on a windows /shared hosting.

Receptional Andy

9:49 pm on Jun 8, 2008 (gmt 0)



Unfortunately IIS gives you little control over this as a site operator. Your best bet may be to ask your host to ban it, or ask them to recommend a method that you can use with their server config.

Staffa

9:55 pm on Jun 8, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Assuming that you run classic asp pages and assuming that it always comes for your index/default page - which most bots do - then add the following :

At the very top of the page

<%
who = request.ServerVariables("http_user_agent")
if who="Mozilla/3.0 (compatible; Indy Library)" then
response.redirect ("banned.asp")
else
%>
-------- then -------
the
whole
of
your
current
page
-------- here -------
<% end if %>

I removed the + signs from the UA because they are added by the Win log files.
The page it is redirected to can be named anything but should NOT exist, then the bot gets a 404 and goes away. If it exists the bot will run in circles between index and banned.

[edited by: Staffa at 10:08 pm (utc) on June 8, 2008]

stevelibby

6:46 pm on Jul 3, 2008 (gmt 0)

10+ Year Member



why cany cant i just redirect it to the home page?
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. WebmasterWorld / Website Analytics - Tracking and Logging 9:06 am May 14, 2026