Solved

Why is this file constantly being requested?

Posted on 2009-04-03
6
201 Views
Last Modified: 2013-11-19
I have a file thats being requested so many times it's slowing down everything else.  

Edit - this question has escalated to here --> http://www.experts-exchange.com/Internet/Web_Development/Q_24293692.html

I set a disallow to the file in htaccess file which seemed to do the trick for about half an hour.  Now it's appearing again and i've now deleted the offending file.  

What I also want to know is, why is the site full path bolted on to the end?

I've traced a few of the IP's doing this and most have several hops all around the world.

i've substituted actual site name with www.mysite.com

/folder1/folder2/productimages/image1.jpghttp://www.mysite.com/folder1/folder2/productimages/view_page.php?section=MyHomePage
0
Comment
Question by:chriscounter07
  • 4
  • 2
6 Comments
 
LVL 70

Accepted Solution

by:
Jason C. Levine earned 500 total points
ID: 24064280
Hi chriscounter07,

It's possible that hackers/spammers have found a flaw in that PHP page and now robots are being pointed to it to exploit the flaw (only they may be doing it wrong).

It could also be a bad attempt at a DoS attack...
0
 

Author Comment

by:chriscounter07
ID: 24064345
I do see the possibility of this.

This bit here    ---> /view_page.php?section=OSHome    is normally on the front of the home page.   I would say my website is telling whatever it is a 200 Success message.  I want to tell it otherwise but cant think of a way apart from htaccess files blocking the path.

0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 24064392
I just posted in your question about how to use .htaccess to block bad behavior...
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 

Author Comment

by:chriscounter07
ID: 24145740
I'm going to reopen this and award points.  The first Expert comment highlighted the actual issue and the question never asked for a solution, just What the problem is and How it can come about.
0
 

Author Comment

by:chriscounter07
ID: 24145743
I'm going to reopen this and award points.  The first Expert comment highlighted the actual issue and the question never asked for a solution, just What the problem is and How it can come about.
0
 

Author Closing Comment

by:chriscounter07
ID: 31566406
Good simple answer.  Follow top link for solution to this question
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read about why website design really matters in today's demanding market.
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now