tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Howard W. Smith, Jr." <>
Subject Re: Tomcat access log reveals hack attempt: "HEAD /manager/html HTTP/1.0" 404
Date Wed, 17 Apr 2013 22:35:04 GMT
On Wed, Apr 17, 2013 at 3:45 PM, Leo Donahue - RDSA IT <> wrote:

> Not knowing anything about the history of the HTTP 404 method, if a server
> does not find a matching request URI, why was it decided that the protocol
> would even respond at all?  Seems like the request could have just been
> ignored or dropped.
> [Way OT...]
> If you get this to work, then the next place you can take this idea is to
> the phone company.  Why should my phone even ring at all if I know the
> caller is from an 800 number... or from some other list of people I don't
> care to talk to ... I would love it if those guys had to wait 10 or 20
> seconds between rings... that would be great!!

+1 being facetious here, but IMHO, when André proposed the 'delay 404' (or
at least when I started reading this thread earlier this afternoon), I
thought, wow, it would be nice to respond to these bots with a 2GB-size
html page instead of returning 404. I know such an idea will ever be
implemented, but was just a thought. That will surely rock their world and
the web server's world (which we don't want, of course).

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message