HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


Server IP address in logs

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#82823 (In Topic #17265)
Avatar

Community saint

I have had this going on for ages but it finally is begging for an answer. I get numerous entries each day from my server IP going to various URL and sometimes non-existent URLs.

I checked with eLief, and they say it is some script that ocPortal is running that is creating these entries in Online Members and the logs. I thought, at first, maybe it was the CRON job but there are many entries a day and the CRON job runs only once a day.

Lately, it has taken to looking for URLs where "/" is replaced by "/".

Some samples I just grabbed:

Code

206.123.66.59 - - [02/Apr/2012:07:23:28 -0500] "GET /uvqqmnbjco HTTP/1.1" 404 389 "-" "ocPortal"
206.123.66.59 - - [02/Apr/2012:07:52:11 -0500] "GET /uvqqmnbjco HTTP/1.1" 404 389 "-" "ocPortal"
206.123.66.59 - - [02/Apr/2012:08:40:16 -0500] "GET /http://www.julianrittercentral.com/south_pacific_islands.htm HTTP/1.1" 404 8998 "-"

Attached is a file that contains the entries from the past 7 days:

Attachment
» Download: server_IP_hits.csv (20 Kb, 86 downloads so far)


Bob
Back to the top
 
Posted
Rating:
#82834
Avatar

Probably Guests previewing Comcode like:

Code

http://www.julianrittercentral.com/uvqqmnbjco/

The link will cause the Comcode parser to look up the link to find it's title.

I've just added a rudimentary CAPTCHA check on previewing. It's not secure but it will probably stop most bots from previewing when they would not be able to post.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#82840
Avatar

Community saint

Chris Graham said

Probably Guests previewing Comcode like:

Code

http://www.julianrittercentral.com/uvqqmnbjco/

The link will cause the Comcode parser to look up the link to find it's title.

I've just added a rudimentary CAPTCHA check on previewing. It's not secure but it will probably stop most bots from previewing when they would not be able to post.
I thought it might have been the URL lookups from spammer posts as I get ones with gibberish domains occasional. This gels with your Comcode parser, but when Bob mentioned that it happens several times a day and on 'Online Members' I figured it must have been something else.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#82875
Avatar

Community saint

I'm glad you guys know what uou're talking about. ANyway, it seems we might have a potential solution to check out in the next release.

Thanks Chris.

Bob
Back to the top
 
Posted
Rating:
#82917
Avatar

Community saint

BobS said

I'm glad you guys know what uou're talking about.
Nah, we just try and look like we know what we are talking about :lol: .

BobS said

ANyway, it seems we might have a potential solution to check out in the next release.
Adding CAPTCHA should definitely help as long as Chris remembers to only applies it to guest previews ;) .

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#82920
Avatar

Adding CAPTCHA should definitely help as long as Chris remembers to only applies it to guest previews ;).

All I did was say if there is a CAPTCHA field, to check it ;).

It's not security, but it should stop nonsense getting through.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#82921
Avatar

Community saint

With you guys in agreement, I feel that a solid solution is in place.

Bob
Back to the top
 
There are too many online users to list.
Control functions:

Quick reply   Contract

Your name:
Your message: