Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

HOW TO MANAGE LOG FILES (AND STATISTICS) CORRUPTED BY CODE RED VIRUS LIKE ATTACKS ?

attacks corrupted files log manage statistics
0
Posted

HOW TO MANAGE LOG FILES (AND STATISTICS) CORRUPTED BY CODE RED VIRUS LIKE ATTACKS ?

0 CommentsAdd a Comment

1 Answer

0

PROBLEM: My site is attacked by some Code Red Viruses. This make my log file corrupted and full of 404 errors. So my statistics are also full of 404 errors. This make AWStats slower and my history files very large. Can I do something to avoid this ? SOLUTION: Yes. ‘Code Red virus like’ attacks are infected browsers or robots that make hits on your site using a very long unknown URL like this one (hoping your server is IIS): /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%40%50…%40%50 URL is generated by the infected robot and the purpose is to exploit a vulnerability of the web server (only IIS is concerned by Code Red worm). So you will often find a ‘common string’ in those URLs. For example, with Code Red worm, there is always default.ida in the URL string. So, you should edit your config file to add in the SkipFiles parameter the following value: SkipFiles=”default.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.