Forum Moderators: open
GET /shell.php HTTP/1.1 404
GET /shell.php.suspected HTTP/1.1 404
GET /tmp.php HTTP/1.1 404
GET /tmp.php.suspected HTTP/1.1 404
GET /bubus.php HTTP/1.1 404
GET /bubus.php.suspected HTTP/1.1 404
GET /wso.php HTTP/1.1 404
GET /wso.php.suspected HTTP/1.1 404
GET /wso2.php HTTP/1.1 404
GET /wso2.php.suspected HTTP/1.1 404
GET /c99.php HTTP/1.1 404
GET /c99.php.suspected HTTP/1.1 404
GET /login.php HTTP/1.1 404
GET /login.php.suspected HTTP/1.1 404
GET /.images.jpg/login.php HTTP/1.1 404
GET /.images.jpg/login.php.suspected HTTP/1.1 404
GET /1111.php HTTP/1.1 404
GET /1111.php.suspected HTTP/1.1 404
GET /1.php HTTP/1.1 404
GET /1.php.suspected HTTP/1.1 404
GET /mko.php HTTP/1.1 404
GET /mko.php.suspected HTTP/1.1 404
getting a slew of 404sIf for some reason you aren't able to block them, I hope you are at least returning those 404s manually based on the UA. Saves the server the trouble of looking for nonexistent files, and leaves the robot none the wiser. (I used to return a manual 404 on all php requests, but dropped it when it became redundant. I see I should perhaps restore it, possibly even replacing the $ anchor with \b for those weird locutions.)
SetEnvIf User-Agent "check\_http" keep_out
