httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 21733] New: - Improving logging and access to avoid Code Red stuff
Date Sat, 19 Jul 2003 21:41:44 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21733>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21733

Improving logging and access to avoid Code Red stuff

           Summary: Improving logging and access to avoid Code Red stuff
           Product: Apache httpd-2.0
           Version: 2.0.47
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: Enhancement
          Priority: Other
         Component: Core
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: agomez@agsoftware.net


Servers infected by Code Red try to access some directories in my web server 
and also swells the log file with trash making my statistics useless.

1st) The access.log is swollen with useless data making impossible to analyze 
statistics.

2nd) Many connections from the corrupted servers waste bandwith usefull for 
other connections more productive.

3rd) The IP is faked so Apache would not be able to apply this criteria to 
filter the connections.

ENHACENMENTS PROPOSED. The best one that I think is:

To specify somewhere in the program that if you get a connection trying to 
access a directory of yours (clearly declared or using wildcards) then reject 
the connection and don't write any line in the log file.

This would free bandwidth for productive connections
This wouldn't produce any line in the log file.


Thanks. Great Soft. Great Job.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message