It's also hard to sort out everything a poster wants to know when he throws a whole handful of questions out in one gigantic post. :)

I almost guarantee you will get more specific and helpful answers to all your questions if you take the time to sort through them and post them separately in the most appropriate forum for each one. To start, I'm going to move this thread to the "New to Web Development" forum, since that seems like a more appropriate forum than FOO. ;)

However, here's some quick replies off the top of my head:

1. I believe it is your responsibility to block garbage requests from your site. Your host's main responsibilities are only to ensure that your site is available to visitors. Uptime & reliable storage space is their job. Traffic control is in your court.

2. Sign up with a new host, upload your entire site to their servers, and make sure it's all working from the IP address. Then put in the nameserver transfer request with your registrar... that way, there's a copy of your site available from both locations in case a spider comes to crawl the site. As soon as the nameserver change "propagates" (ie- as soon as you are only accessing the new host's server with your domain), delete the site off the old host's servers.

It shouldn't affect your PR at all, because people link to your domain name/URLs, not your host/IP number.

3. Any page request ending in .dll is someone scanning for a vulnerable Windows server. If you're not hosted on Windows, you've got nothing to worry about.

Re: responsibility for server load. Hmmmm... this isn't as clear cut as it may appear.

Assuming the host server is running several virtual servers. I expect (operative word) the provider of the physical server and all of it's hardware to be responsible for and ensure I have a secure and sufficient "playground" with which to build/work. This includes taking security measures to prevent malicious programs from interfering with my service by preventing or at least stopping flood pings, trojan horses, and the like as well as monitoring bandwidth loads and policing rogue websites that generate traffic bottlenecks which severely impact the other virtual servers. Now, in reality, some providers are better than others but then you knew this ;)

Your virtual server, however, is your responsibility. It's your code and there are steps you can take to protect your bandwidth and keep your web space secure. Do a search for web site security here and I'm sure you'll get enough material to get you started.

As for the acronyms. I understand. Look through the FAQs (frequently asked questions - just in case ;)) or do a search. If all else fails, feel free to ask - we've all been there. Heck, I still am.

GB

As far as GETs to /_vti_bin/owssvr.dll

Don't worry about it. Been discussed before. See:
[webmasterworld.com...]
and
[lists.jammed.com...]

You can see it for your self if you have IE and click on that 'Discuss' button on one of the toolbars.

acronyms,

as with anything else, ask. I don't know what people are talking about in some of the threads either, I just ask.

You don't even need to do the "sorry if this a silly question", just pop in with "what is ..." I know everyone would be happy to answer and if you don't know there are probably more people who don't either.

I've asked about 'FormMail.pl/formmail.cgi'

Whose responsibility is it to block them from hammering my server?

Not knowing your exact situation maybe look into upgrading your formmail.pl. There has been a LOT of talk about lower/older versions being unsecure. The result would be a flood of mail coming from your domain. If this is the case that would be your responsibility, not the host.

If I am off base...sorry.

Brian

Here is a problem I'm sure many of us novices have when we peruse the posts. Since many of you write using acronyms, it's difficult for me to understand just exactly what it is you are saying. When I don't understand those meanings it's difficult to get a handle on what the solutions are you are alluding to.

This should cover most of them: acronyms [dhdwebdesigns.com]

dhdweb

mivox

I see your point on multi-point queries and consider myself corrected.

Thank You.

---------------------------------------------------------------------

lorax

Understood.

Thank You as well.

---------------------------------------------------------------------

bobriggs

Thanks for the links.

---------------------------------------------------------------------

jatar_k

Understood and Thank You.

---------------------------------------------------------------------

Reflect

Perhaps just a tad off-base, but that's ok because I did not specifically state (in this post) that I do not use formmail or cgi-bins. Not your error, but Thank You anyway.

---------------------------------------------------------------------

That then, leaves - dhdweb.

When I posted my question regarding acronyms it was with respect to jargon commonly used in WebmasterWorld and not chatroom garbage. I do not appreciate the foul language used in that link, nor do I consider it on topic to my original request or respectful of myself or others who may find that sort of language objectionable.

You were out of line.

---------------------------------------------------------------------

Mod: If you choose not to post this response in it's entirety that is up to you. However, might I suggest checking links supplied before hand?

Having said all that...I can find no particular reason to continue posting and shall return to lurking.

Feel free to delete my membership and consider this an electronic signature to that effect.

Glenn E. Carper
a.k.a. Pendanticist

Mod: If you choose not to post this response in it's entirety that is up to you. However, might I suggest checking links supplied before hand?

We don't pre-moderate posts. Generally, if there is a problem, either one of the moderators will find it and take care of it, or one of our members will do us the favor of notifying the moderator via our StickyMail private messaging system so we can attend to it.

pendanticist

Sorry if I offened you, if I could remove the link, I would!

But IMHO the link does contain a lot of the acronyms used here. (and then some)

So please DGYPIAUR!

A note to the MOD: If you feel the link is out of line, please remove it. post#7

dhdweb

<edit>Removed what could have been taken as rude statment</edit>

>Whose responsibility is it to block them from
>hammering my server? My host server, or me?

Unfortunatly you. The host can touch all that stuff. It's is rampant. You'll have to read the fine print of your hosts AUP/TOS.

>What is the best way to ensure a fluid move? Is there a time NOT to move?

Get the site up and running on the new ip. Remove any absolute addresses if you can so the just the raw ip will work for you while you test. Then switch the dns and just wait until it looks like its propogated through the net. Wait another couple days after that, and then remove the old site. (leave the old site there as long as you can).

>Next, is '/_vti_bin/owssvr.dll' something to be
>concerned about? If my recall is working, this is a worm?

Always be concerned about front page extensions. The hacker communities call FP extensions, our little gift from Bill. They found another hole in them this week.

Most of the traffic that is no account usually come from bad bots.

Do a site search here for a really good .htaccess file that bans almost all of them. You can probably use a robots.txt file for this also.

Ann