LinuxSA Mailing list archives

  From: Alan Kennington <akenning@topology.org>
  To  : LinuxSA <linuxsa@linuxsa.org.au>
  Date: Mon, 28 May 2001 16:32:50 +0930

Re: Apache question

On Mon, May 28, 2001 at 03:34:20PM +0930, Ben Kramer wrote:
> 
> I keep seeing in my apache logs people accessing other sights via my
> server, eg:
> 
> 212.91.201.103 - - [28/May/2001:15:28:05 +0930] "GET
> http://www.united-ads.com/cgi-bin/banner.cgi?rytchkovserguei HTTP/1.0"
> 404 288 "http://www.geocities.com/giftsbestfy2000/index.htm"
> "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
> 
> I have looked in my config for apache and cant see anything turned on
> that would allow this.
> Does anybody have any sugestions ?


Ben,

In this case, clearly the client failed with the "404" result.
But it's more interesting than that.
Sometime they succeed!

I've noticed that Apache as downloaded normally will 
respond positively to the above request if you have a file 
cgi-bin/banner.cgi?rytchkovserguei. This is obviously not a good thing.
I often find that people try to access my site for other sites,
and they end up getting my / path, which does exist, obviously.

An even mroe worrying thing is that if I have a file
xyz.html and the client requests xyz, then the Apache server
delivers xyz.html. This is very peculiar, and despite some effort to locate
how to turn this off, I still haven't found out how it is controlled.

But it would also nice to be able to reject a request to
http://www.xyz.com/ returning my "/" URL.

I used to worry that the above indirect access requests was really
working, but in no cases has it seemed to work.

Cheers,
Alan Kennington.

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject