|
|
 |
|
|
Thread Tools | Display Modes |
Apr 16th, 2007, 11:25 AM
|
#1 | |
|
Newbie
Join Date: Jan 2007
Location: Taylor, TX
Posts: 18
Rep Power: 0
 |
creating and useing an access log
Hi all.
I have a problem where I have a user that is adding spam content to one of my websites. The website is built as a community project for users of a software called anim8or. Users are allowed to add links to their favorite tutorials on using the software and so on. I had to stop working on the site, as I have been battling this spammer, who keeps adding multiple links to adult content and cialis and viagra type sites. I have made it so that whenever someone adds an entry to the database, it gives me their ip address. And I can block that particular ip address. As you know most people do not have a static ip address. Anyway, I resolved the ip address and found out that the isp for this person is a company called layered technology, and that they have an abuse policy. The company is willing to take action but they require that I give them the portion of "httpd access log". Apparently, I do not have one on my server. Here is the direct email that I recieved from the enforcement team. Quote:
My site is on a linux server, and I have built it all from scratch using PHP. Any ideas would be great, thanks. Sage
__________________
I reject your reality and substitute my own. If you aren't learning, you aren't living. www.an8search.com |
|
|
|
|
Apr 16th, 2007, 11:41 AM
|
#2 |
|
Resident Grouch
 
Join Date: Jun 2005
Posts: 6,453
Rep Power: 10
|
See your Apache config file (custom logs), or the Apache site for more detailed information. Presumes you're using Apache, of course.
__________________
Abstraction doesn't make it impossible to write bad code; it makes it possible to write superior code. Contributor's Corner: Grumpy on C++ Exceptions DaWei on Pointers |
|
|
|
|
Apr 16th, 2007, 1:52 PM
|
#3 |
|
Programming Guru
Join Date: Jul 2004
Location: United States
Posts: 3,467
Rep Power: 8
  |
I have had similar issues on my site from the same domain. IF you are running Apache, you can try looking for the log file named /var/log/httpd/access_log. Here is an example:
[root@pandora httpd]# pwd /var/log/httpd [root@pandora httpd]# cat access* | grep layered 26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:33 -0500] "GET / HTTP/1.1" 200 4753 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:34 -0500] "GET /guestbook HTTP/1.1" 301 321 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:35 -0500] "GET /guestbook/ HTTP/1.1" 200 482 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:35 -0500] "GET /guestbook HTTP/1.1" 301 321 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:36 -0500] "GET /guestbook/ HTTP/1.1" 200 482 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:37 -0500] "GET /books.html HTTP/1.1" 200 885 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" In attempts to block them, you can add this in /etc/hosts.deny: ALL: layeredtech.com And/Or this in the .htaccess of the directory that's being hammered: order allow,deny deny from layeredtech.com allow from all
__________________
http://jasonpowers.net "There are a thousand hacking at the branches of evil to one who is striking at the root." |
|
|
|
|
| Bookmarks |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
