|
-
Dec 2nd, 2006, 01:16 PM
#1
Thread Starter
Hyperactive Member
Problem with error 404 hacking.
I created custom error 404 and 500 pages that send me an email when there is a problem. I did this so if there was a dead link or something, I would be notified. Howerver, I am having a big problem I don't know how to fix. I am getting tons of email (over 300 this morning), but here is what I don't understand. I collect the referrer page, and the page that is being requested, for my email. The problem is, the referrer and the requested page are not my domain!?!?! How can this be possible? More importantly, how can I stop this?
If I had to guess, I would think that someone is using my error pages, but is that possible? I have included an example below. One other bit of information; the domains are not from the same site, there are many different domains that are coming in my email. Any help with this would be really great.
VB Code:
There has been an error:
The user was coming from page: [url]http://www.jobsandjobs.de/[/url]
The user was going to: [url]http://www.jobsandjobs.de/error404.aspx?404;http://www.jobsandjobs.de:80/eintragism_premium.php[/url]
Error occured on:
12/2/2006 10:26:55 AM
The user's IP is: 59.120.55.183
Thank you for your help.
Edit: BTW, this is ASP .NET 2.0. Just incase that matters.
Edit 2: One other thing I just noticed. On the last batch that I got today. The IP address is the same on all of them. I am not sure what that means, though.
Last edited by Krenshau; Dec 2nd, 2006 at 01:26 PM.
-
Dec 3rd, 2006, 09:05 AM
#2
Addicted Member
Re: Problem with error 404 hacking.
Hey,
How did you set up the error page? In the web.config or in the IIS settings?
Is your site running on shared hosting?
F
-
Dec 3rd, 2006, 09:29 AM
#3
Re: Problem with error 404 hacking.
Sound like a spammer is poking around.... looking for anything and everything.
-tg
-
Dec 3rd, 2006, 03:36 PM
#4
Thread Starter
Hyperactive Member
Re: Problem with error 404 hacking.
Yes, I have it set up on shared hosting. I did switch my error config from IIS to the web.config file now, too.
I did find out that the IP address is listed on a blackhole list (or something like that, didn't really understand what it was) on NSlookup. I also attach a class to each web page that tracks the usage of my website, and I found out that it appears to be a bot. I added the user-agent to my robots.txt file, so I hope that puts an end to it.
I am not sure what else to do. I am no expert when it comes to web stuff, I am still learning. If anyone has any suggestions, I am very open to them.
Thank you for your help.
-
Dec 4th, 2006, 05:09 AM
#5
Re: Problem with error 404 hacking.
It's simple, don't send emails. That's what server-side error logs are for.
All HTTP headers can be manipulated.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|