Solved

A 302 redirect was discovered to be in place on the server hosing my ecommerece site. Should I have them remove it?

Posted on 2006-07-18
3
213 Views
Last Modified: 2010-08-05
Here's the explanation from the hosting service regarding the reason for it being there.  

Based on testing and web server log files (attached), here is what I believe to be happening:
 

1) The Asymptotic Design Server Header Checker attempts to check the headers on helloemeralds.com using the "head" command.

2) The Microsoft URL Scan utility on UniteU's web servers (helloemeralds.com) detects the head command and rejects the connection, generating a 404 (file not found) error.

3) Our web servers are setup so that 404 (file not found) errors redirect to redirect.asp.

4) Redirect.asp generates a 302 redirect, and sends the bot back to default.asp

5) Rinse and repeat – thus generating the loop you’re seeing.


The reason we have Microsoft URL scan setup, is to block attempts to hack into the web server. You can find more information at the following address: http://www.microsoft.com/technet/security/tools/urlscan.mspx 

The reason for sending 404 (file not found) errors to redirect.asp is that if someone hits a bad page on your site, they get redirected back to your main page (default.asp). (Redirect.asp can also be configured to send you email alerts whenever a 404 error is generated to help you keep your site up to date.)

That leaves us with the following options:

1) You can just keep in mind the results that the Asymptotic Design Server Header Checker are producing are not what Google Bot experiences and leave everything as its currently configured.  You can use either of the other two server header checkers that I sent previously to see how the server headers are configured.

2) We can disable custom 404 error reporting for your site. This will stop the Asymptotic Design Server Header Checker from looping but shoppers who hit a bad link on your site will receive a generic 404 error page instead of being sent back to your main page. The Asymptotic Design Server Header Checker will now display a 404 error though instead of a loop.

3) You can contact whoever makes Asymptotic Design Server Header Checker and ask them to modify their tool to not send the “head” command.

 
Experts! What is your recommended course of action here?
0
Comment
Question by:2alman
3 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 350 total points
ID: 17137197
2) configure your M$ tools to return RFC compliant codes, which is 401, 403 or best 405 in your case
if you return 404 or 30x you shoot into your leg as you just realised yourself ;-)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
iis reverse proxy virtual directory 8 206
Apache SSL and mod_rewrite not working 8 188
AWS New EC2 Instance and EBS Storage 2 85
change time in cron 4 88
This is a guide to setting up a new WHM/cPanel Server to be used for web hosting accounts. It is intended for web hosting company administrators and dedicated server owners. For under $99 per month (considering normal rate of Big Data Cetnters like …
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question