Wierd wierd wierd "not found URL's" (code 404s)
|
10-26-2006, 12:47 AM,
Post: #1
|
|||
|
|||
Wierd wierd wierd "not found URL's" (code 404s)
For the last few months my commerce site (zen cart) has been getting hundreds of hits for very specific pages that do not have anything to do with my site. Most, but not all of the requests are for images.
Here are some examples: /shop/images/gift_certificates/mrs-desilva-clips.html 10 - /shop/images/medium/dvd/hlds-hacks.html 8 - /shop/admin/images/graphs/allintitle:-sweetkrissy.html 8 - /shop/images/large/dvd/ww.webshot.com.phtml 7 - /shop/images/large/microsoft/www.merchantguild.ragnamart.com.htm 5 http://search.yahoo.com/search /shop/images/medium/microsoft/dr-divx-1.04-hack.html 4 - /shop/images/gt_interactive/cs-cz-key-generator.html 4 - /shop/admin/backups/descargar%20crack%20gta%20vc%20no%20cd%20juego.jsp 4 /shop/images/categories/download-rapidshare-ntl.html 4 - /_vti_bin/owssvr.dll 3 - /shop/media/.feedback,.telloldnavy.com.phtml 3 - /shop/admin/backups/wc3%20tft%20and%20RoC%20cd%20key%20Grabber%201.19.jsp 3 /shop/images/gt_interactive/Flash%20Dash%20registration%20codes.jsp ~~~~~~~~~~~~~~~~~~~~~~~~ They just go on and on, 730 of them so far this month. Also have gotten 1124 "Moved temporarily 302 redirect" and I don't think I have any 302's set up. the stats: September: 404 = 385 ; 302 = 2204 August: 404= 411 ; 302= 3811 July: 404= 180 ; 302=9999 (maxed the counter??) June: 404= 25 ; 302= 1140 May: 404= 16 ; 302= 1530 Unique visitors are under 1500 per month. Anyone have any ideas what is happening? This does not look like a security issue, the requests are too specific. Someone's computer has heartburn??? May not be connected but I have been getting a few meaningless emails addressed to that website containing several paragraphs of random words for filler. Nothing to click - just a WTF is this about. I have graphics turned off so maybe I am missing something there. I guess if you want people to come.......
http://tibetan-jewelry.net http://ascendingpassage.com http://healweb.com http://tcrr.com http://pymd.com http://mtej.com http://unusualscience.com
http://ancientmystery.info http://xsvs.com http://whycat.com http://ctik.com http://ompendants.com http://travelintibet.com http://goddesses.tibetan-jewelry.net/ http://edenhash.com http://hippietao.com http://tibetanjewelry.net http://tldv.com http://nw.la http://shaktinode.com http://dragons.tibetan-jewelry.net/ |
|||
10-26-2006, 02:58 AM,
Post: #2
|
|||
|
|||
Re: Wierd wierd wierd "not found URL's" (code 404s)
which Zen Cart version are you using?
|
|||
10-26-2006, 04:59 AM,
Post: #3
|
|||
|
|||
Re: Wierd wierd wierd "not found URL's" (code 404s)
Whatever zen cart version they had in about June 2005 - don't know where to find the version number. I made a number of changes so I have not updated. Update is planned for this early spring when I may change hosts.
http://tibetan-jewelry.net http://ascendingpassage.com http://healweb.com http://tcrr.com http://pymd.com http://mtej.com http://unusualscience.com
http://ancientmystery.info http://xsvs.com http://whycat.com http://ctik.com http://ompendants.com http://travelintibet.com http://goddesses.tibetan-jewelry.net/ http://edenhash.com http://hippietao.com http://tibetanjewelry.net http://tldv.com http://nw.la http://shaktinode.com http://dragons.tibetan-jewelry.net/ |
|||
10-27-2006, 02:58 AM,
Post: #4
|
|||
|
|||
Re: Wierd wierd wierd "not found URL's" (code 404s)
[quote author=accentnepal link=topic=5594.msg29127#msg29127 date=1161838776]
Whatever zen cart version they had in about June 2005 - don't know where to find the version number. I made a number of changes so I have not updated. Update is planned for this early spring when I may change hosts. [/quote] That would be 1.25d. There are a few security patches you should install if you haven't already because the unpatched 1.25d has some serious cross site scripting vulnerabilities (look in both the announcements and announcements archives boards on the ZenCart forum for the patches you need). Most of those 404 errors you're getting look harmless even though some of them are obviously bots looking for a hole to exploit. Many bots indiscriminately try to access the same pages on every site to see if the site has the script they've been programmed to exploit (some of your errors are from stoopid bots trying to exploit a Tomcat (Java server pages) flaw, others trying to exploit a MS frontpage extensions flaw, etc).
"Well, Jay was so giddy that someone named Jay was involved with this site we posted our first non-eBay listing in 3 years here at Lunarbid (we tried two items at Yahoo once upon a time, they bombed)" -Marie posting in a LunarBid thread at OTWA in 2005 wins the award for 'most moronic reason ever given for choosing a venue"
"thanks twat u must have nothing better 2 do. do u talk to all your members like that. will not be recomending your site. best way to put it is TULIPTOOLS.COM IS REALLY SHIT. DONT JOIN." -pubescent owner of rinky dink off2auction.com in 2011 |
|||
10-27-2006, 05:47 AM,
Post: #5
|
|||
|
|||
Re: Wierd wierd wierd "not found URL's" (code 404s)
Sure looks like there are a lot of flaws out there to exploit.
Strange - I put my cart one level down at /shop, have a HTML page for a home page to give Google something to munch. Those stoooopid bots were smart enough to find /shop. So people spend their time trolling the internet trying to find stuff to mess up --- such fun! (or websites to hijack from which to send spam and other dastardly deeds) Thanks for your help.
http://tibetan-jewelry.net http://ascendingpassage.com http://healweb.com http://tcrr.com http://pymd.com http://mtej.com http://unusualscience.com
http://ancientmystery.info http://xsvs.com http://whycat.com http://ctik.com http://ompendants.com http://travelintibet.com http://goddesses.tibetan-jewelry.net/ http://edenhash.com http://hippietao.com http://tibetanjewelry.net http://tldv.com http://nw.la http://shaktinode.com http://dragons.tibetan-jewelry.net/ |
|||
« Next Oldest | Next Newest »
|
Possibly Related Threads… | |||||
Thread | Author | Replies | Views | Last Post | |
Microsoft's "Gatineau" Web analytics tool to launch beta | mandy | 2 | 2,454 |
07-24-2007, 07:22 PM Last Post: bargainbloodhound |
Users browsing this thread: 1 Guest(s)