<< 02 February 2003 | Home | 04 February 2003 >>

Stopping worms cluttering up your Apache logs

Fed up of 90% of your Apache log entries being failed requests for root.exe, cmd.exe and default.ida (caused by the Nmidia worm)? Here's how to stop it, put the following in your httpd.conf:

# Ignore worms
SetEnvIf        Request_URI "/(cmd\.exe|root\.exe|default\.ida)$" DontLog
RewriteEngine   on
RewriteCond     %{REQUEST_URI}  "/(cmd\.exe|root\.exe|default\.ida)$"
RewriteRule     ^.*$    - [forbidden]

and on your CustomLog line, append !DontLog, so it looks like this:

CustomLog               /var/apache/logs/access_log common env=!DontLog

The SetEnvIf and DontLog bits stop the request showing up in your access_log, and the Rewrite bits stop the failed request showing up in your error_log, as well as returning a 403 FORBIDDEN to the requesting PC.

Tags : apache, tech, web

Categories : Web, Tech

Responses[2]

Posted by Alan Burlison on 03 February 2003 10:13:03 GMT#

Navigate

Categories |Tags |Advanced Search

RSS | Atom | E-mail

Categories

Drumming (15)

Peak District (68)

PDNPA Rangers (35)

Personal (32)

Family (13)

Friends (6)

Tech (142)

Arduino (26)

Java (26)

Perl (20)

Scala (1)

Solaris (19)

Web (36)

Work (31)

Recent Responses

Re: Radio-controlled HL1606 strips
Dear Alan, I am working on project, where 200+ odd performers perform music and dance show. i am intrested in your product and wish i can implement LED strip on the all 200 performers, controlled by single controller, dstance to controll is about 1000 ...
Re: Why I'm ditching the Arduino software platform
Actually I've just replaced all the Arduino stuff. I now have an accurate millisecond timer that doesn't glitch as well as interrupt-driven, line-buffered serial IO that allows me to use avr-libc stdio functions such as printf() & scanf() and will ...
Re: Why I'm ditching the Arduino software platform
Have you considered submitting patches to improve the quality of the Arduino library? How about a fork at GitHub (or similar)? Please do it!
Re: Labrador Tea
Hello Alan, It was with much interest that i came across your web site describing Ledum groenlandicum at Black Clough. I have been growing/researching this particular plant for many years now and have set myself the challenge of visiting each and every ...
Re: Don't delay()
Have you looked at protothreads? https://www.sics.se/...

Archives

2012 February (2)	2011 November (2) September (1) August (1) June (1) May (1) April (3) March (4) February (2) January (4)
2010 October (3) September (3) August (1) July (2) June (6) May (10)	2009 December (1) October (1)
2008 November (1) February (1) January (3)	2007 December (2) November (7) October (1) September (2) June (1) May (3) April (1)
2006 December (1) November (2) October (2) September (1) August (1) July (1) June (5) May (1) April (6) March (3) February (7) January (4)	2005 December (4) November (2) September (3) July (1) June (2) May (9) March (4) February (8) January (5)
2004 December (3) November (2) October (10) September (6) August (3) July (8) June (10) May (4) April (5) March (2) February (5) January (7)	2003 December (5) November (3) October (3) September (15) August (3) March (6) February (3) January (3)

<< 02 February 2003 | Home | 04 February 2003 >>