Welcome to WebmasterWorld Guest from

Forum Moderators: Ocean10000 & incrediBILL & keyplyr

Message Too Old, No Replies

What's a random-spelled filename request mean?

Why do robots request bizarre random file names?

2:39 am on Mar 24, 2012 (gmt 0)

New User

5+ Year Member

joined:Dec 9, 2007
posts: 26
votes: 0

Three requests, in the same second:


Those robot requests make no sense to me. They looked like random letters. But I notice the file name begins "xml"

Are these in fact known names of vulnerable files in a specific application?

They got 403, but not sure why. Perhaps by IP ban because of a prior visit caught with suspicious activity. Like a request for admin, or login, or register, or upload, or etc. etc.

Meanwhile, as a separate question. If a filename seems to be just random letters, should I assume they are not in fact random (a real target somewhere) or what would be the purpose of a random file name request?
4:00 am on Mar 24, 2012 (gmt 0)

Administrator from US 

WebmasterWorld Administrator incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 25, 2005
votes: 99

That's a standard hack attack looking for a page that tends to be vulnerable.
5:36 am on Mar 24, 2012 (gmt 0)

Junior Member

5+ Year Member

joined:Dec 1, 2011
posts: 192
votes: 0

This particular case, asking for xmlrpc.php, as incrediBILL mentions is an attempt to attack.
The different entry points (directory names) are typically just testing for sub-directories where you might have installed something instead of in root.

When you see totally random names from for example GoogleBot, where they ask for an html file with a name that is made up (such as 'gwekhrtipoiiybveee.html' or something), they are merely checking that your site knows how to return a correct code 404 (Not found). That you do not merely catch unknowns, and redirect, returning 200 instead. Such as with a site search for example.

Google for obvious reasons do not like it when sites return 200 (OK) for everything.

I have some sites, where I redirect users into a nice custom message with a product search if they try to hit an old URL, but I still return an official 404, just to make sure Google can do its cleanup.
10:40 am on Mar 24, 2012 (gmt 0)

Moderator This Forum from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
votes: 550

Also, sometimes the ending file (.js, .pl, .php or .txt) is appended to the GET request as a hack.

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members