Strange 404 Errors - Eh?

5 replies
404 errors last month for this one site alone generated 72679 hits and used 1.08 gig of bandwidth. Argh.

Here are the 404 errors in my awstats report for the last month. The number is the "error hits" with the dash indicating no referring url:

/login.php 415 -
/cgi-bin/ 384 -
/scripts/login.php 374 -
/cgi-bin/login.php 374 -
/scripts/ 365 -
/scripts/admin.php 220 -
/admin.php 219 -
/cgi-bin/admin.php 219 -
/scripts/search.php 154 -
/cgi-bin/login.cgi 132 -
/cgi-bin/search.php 132 -
/scripts/fake.cgi 128 -
/search.php 127 -
/search 110 -
/main.php 110 -
/scripts/main.php 110 -
/cgi-bin/main.php 110 -
/scripts/tiki-index.php 110 -
/cgi-bin/tiki-index.php 107 -

I don't have any cgi scripts or even a folder named "scripts" so what could it be? I'm guessing automated hacking attempts?
#404 #errors #strange
  • Profile picture of the author TristanPerry
    Yep, just automated bots - probably attempts at automated hacking.
    Signature
    Plagiarism Guard - Protect Against Content Theft
    {{ DiscussionBoard.errors[1695511].message }}
    • Profile picture of the author Joshua Uebergang
      Is there anything I can do about this? Like maybe .htaccess... I'm don't know.
      {{ DiscussionBoard.errors[1695720].message }}
      • Profile picture of the author TristanPerry
        Originally Posted by Joshua Uebergang View Post

        Is there anything I can do about this? Like maybe .htaccess... I'm don't know.
        You could ban the IP addresses doing this by adding:

        order allow,deny
        deny from [ip address to ban]
        deny from [another ip address to ban]
        deny from [etc]
        allow from all

        to your .htaccess.

        So, for example, add:

        order allow,deny
        deny from 61.241.21.20
        allow from all

        To ban IP address 61.214.21.20, etc.

        Other than that, there's not much you can do to be honest.
        Signature
        Plagiarism Guard - Protect Against Content Theft
        {{ DiscussionBoard.errors[1695730].message }}
        • Profile picture of the author Joshua Uebergang
          How can I see what IP addresses are attempting to run the non-existent files?
          {{ DiscussionBoard.errors[1709599].message }}
  • Profile picture of the author Mylinkking
    Banned
    [DELETED]
    {{ DiscussionBoard.errors[1709615].message }}
    • Profile picture of the author Joshua Uebergang
      That's why I'm asking how to find the IPs doing this...
      {{ DiscussionBoard.errors[1709625].message }}

Trending Topics