Don't Understand "POST" command

Forum Moderators: phranque

Message Too Old, No Replies

Don't Understand "POST" command

aristotle

12:12 pm on Jun 1, 2013 (gmt 0)

Recently I've started noticing the following type of entry in the logs for one site:

121.205.197.205 - - [31/May/2013:13:28:18 +0000] "POST /widgets.html HTTP/1.1" 200 16103 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 243 116384

Can someone explain exactly what this request means, and why googlebot would make it. Descriptions of the "POST" command say that it means "create", but these pages have existed for years untouched. I don't understand what googlebot is doing here. Maybe the explanation is elementary and obvious to others, but not to me.

londrum

12:30 pm on Jun 1, 2013 (gmt 0)

have you got a form on that page? like a search box, maybe? the bot is probably just filling in the form to see where it goes. forms can either be POST or GET. if its POST then the following url always stays the same, and the form data is passed 'silently'. but if its GET then the form data is appended to the url as a load of query strings

aristotle

12:44 pm on Jun 1, 2013 (gmt 0)

londrum - Thanks for your reply. Actually all of these pages are simple static html -- no forms, search boxes, or any other kind of user input is possible.

wilderness

1:05 pm on Jun 1, 2013 (gmt 0)

search archives for "fake googlebot".

aristotle

4:17 pm on Jun 1, 2013 (gmt 0)

Thanks wilderness
You're right -- Most likely it is a fake googlebot. The IP 121.205.197.205 appears to trace to a location in China.
I checked the code on some of the pages and don't see any problems. Since eveything on the site is hand-coded static html, it would be hard to hack anyway, so I'm not going to worry about it anymore, at least for now.
Thanks again

g1smd

5:17 pm on Jun 1, 2013 (gmt 0)

If you have no forms at all on your site, you could always block all POST requests with a line of code in the site configuration file.

aristotle

5:48 pm on Jun 1, 2013 (gmt 0)

g1smd
Thanks -- I really don't like to block, forbid, etc unless something becomes a big problem. I don't know nearly as much about these matters as other people here and could make an error. The main reason I started this thread is because I wasn't familiar with this "POST" command.
Thanks again to everyone

lucy24

7:57 pm on Jun 1, 2013 (gmt 0)

If you have no forms at all on your site, you could always block all POST requests with a line of code in the site configuration file.

I do this just on general principle: the end result of a 403 isn't really any different from a 404, it's just so much more gratifying :)

RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} !piwik
RewriteRule (^|\.html|/)$ - [F]

For "html" substitute whatever extension you actually use. On this site I've only got one page (other than analytics) that uses POST-- and that's php, not html. (Under what circumstances would you POST to an html page?)

g1, if you are back in the land of the living I wish you would have a look at this recent thread [webmasterworld.com]. While experimenting I discovered something I can't explain, no way, no how-- and the identical thing happens on two different Apache installations.

System

1:31 am on Jun 2, 2013 (gmt 0)

redhat

3 (off topic) posts about mod_dir were spliced to the relevant thread by phranque. See that thread at: apache/4576198.htm [webmasterworld.com]
1:08 am on Jun 2, 2013 (utc -7)

[edited by: phranque at 8:17 am (utc) on Jun 2, 2013]
[edit reason] clarify system tracks [/edit]