Oil Pine wrote: > Reviewing the httpd access log, I found the following entries: > > 69.209.112.92 - - [16/Nov/2005:09:06:46 -0600] "GET / HTTP/1.0" 200 589 > "-" "-" > 69.209.184.151 - - [16/Nov/2005:06:38:42 -0600] "GET / HTTP/1.0" 200 589 "-" "-" > 69.209.184.151 - - [16/Nov/2005:02:39:10 -0600] "GET / HTTP/1.0" 200 589 "-" "-" > 69.209.79.247 - - [16/Nov/2005:02:04:21 -0600] "GET / HTTP/1.0" 200 589 "-" "-" > > The first two numbers are the same as those of my dynamic IP address, so I assume they are either the customers of my ISP (SBCglobal.net) or the ISP itself. > > Before I set my server to deny access to these numbers, I would like to know what they are trying to do. I will appreciate any suggestion you may have. They're looking at your website. Presumably that's why you have a website - so that people can look at it. ;-) They did a "GET /" which means they loaded your homepage. They were successful (200) and retrieved the page, which appears to be 589 bytes. They went directly to the site (no referrer) and are not reporting a user agend string. That's not unusual or suspect. It's *possible* that they are up to no good, but these log entries don't support that conclusion. -- Rich Bowen rbowen@xxxxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx