David P. Donahue wrote:
Every once in a while, my access log gets flooded with massive byte arrays following a SEARCH command, the intent of which I can only assume is to hit some exploit that some other server has (or had). Is there a way I can set Apache to just ignore all SEARCH commands (all I really need is GET and POST)? Just trying to keep my logs from getting flooded with garbage data. Thanks.
They're usually scanning by IP address, so set the default page to something small that you don't bother logging and use named virtual host entries for your real content.
-- On June 1, 2001, Steve Ballmer, CEO of Microsoft, told the Chicago Sun-Times: "Linux is cancer." Unsurprisingly that's incorrect; LINUX was released on August 25th 1991 and is therefore a Virgo. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|