tomcat-users mailing list archives

From Konstantin Kolinko <knst.koli...@gmail.com>
Subject Re: Tomcat access log reveals hack attempt: "HEAD /manager/html HTTP/1.0" 404
Date Wed, 17 Apr 2013 19:00:37 GMT
2013/4/10 Howard W. Smith, Jr. <smithh032772@gmail.com>:
> Every now and then, I like to review localhost_access_log files, just to
> see who might be trying to access my web app, running on TomEE 1.6.0
> snapshot (Tomcat 7.0.39). So, a few minutes ago, I saw the following in the
> log:
>
> 113.11.200.30 - - [09/Apr/2013:19:26:58 -0400] "HEAD /manager/html
> HTTP/1.0" 404 -
>

By the way,
1) I think just feeding the default ROOT webapp to a Google bot or
Baidu will result in such requests coming from search bots for
a while. That is because ROOT/index.jsp has links to the Manager
application.

It looks like a good idea to add a "noindex,nofollow" meta element to
that page, or at least to those links.

2) Bots may send HEAD requests to check whether the page has been
created or modified since the last scan.  A HEAD request is usually
served faster than a GET one.

Regarding a new feature of introducing a delay,
3) If you add a response delay it means that you are tying resources
of your server for that period of time. In the worst case you will be
tying a request processing thread.
Though it may be that your load is low and you have some free
resources for that.

Usually I would prefer to answer faster to be ready to serve the
next request from a valid user.

Best regards,
Konstantin Kolinko
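
Added example (not part of the original message and not Tomcat code): a small Python triage of access-log entries like the one quoted above, grouping requests to the management webapp paths by client and outcome. It assumes the AccessLogValve "common" pattern; the function names and all sample lines except the first are constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed AccessLogValve "common" pattern: %h %l %u %t "%r" %s %b
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)(?: [^"]+)?" '
    r'(?P<status>\d{3}) \S+$'
)
# Context paths of the management webapps shipped with Tomcat.
ADMIN_PREFIXES = ("/manager", "/host-manager")

# Constructed sample. The first line is the entry quoted in the thread;
# the others use documentation-range addresses.
SAMPLE_LOG = """\
113.11.200.30 - - [09/Apr/2013:19:26:58 -0400] "HEAD /manager/html HTTP/1.0" 404 -
192.0.2.10 - - [09/Apr/2013:19:30:01 -0400] "GET /manager/html HTTP/1.1" 401 2474
192.0.2.10 - - [09/Apr/2013:19:30:02 -0400] "GET /manager/html HTTP/1.1" 401 2474
192.0.2.10 - admin [09/Apr/2013:19:30:03 -0400] "GET /manager/html HTTP/1.1" 200 15872
198.51.100.7 - - [09/Apr/2013:19:31:00 -0400] "GET /managerial/report.jsp HTTP/1.1" 200 512
198.51.100.7 - - [09/Apr/2013:19:31:05 -0400] "GET /index.jsp HTTP/1.1" 200 11217
"""

def is_admin_path(path):
    # Drop query string and path parameters, then match whole path
    # segments so that "/managerial" is not flagged.
    path = path.split("?", 1)[0].split(";", 1)[0]
    return any(path == p or path.startswith(p + "/") for p in ADMIN_PREFIXES)

def classify(status):
    if status == 404:
        return "not-found"   # nothing served at that path, as in the thread
    if status in (401, 403):
        return "denied"      # something answered there and refused the request
    if 200 <= status < 400:
        return "reached"     # content was served: worth a closer look
    return "other"

def triage(log_text):
    """Return {client: {outcome: count}} for management-path requests only."""
    report = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m and is_admin_path(m["path"]):
            report[m["host"]][classify(int(m["status"]))] += 1
    return {host: dict(counts) for host, counts in report.items()}

if __name__ == "__main__":
    for host, counts in triage(SAMPLE_LOG).items():
        print(host, counts)
```

A client that only ever shows "not-found" is the harmless case from the thread; repeated "denied" followed by "reached" from one address is the pattern to review.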
