Programming Forums

Programming Forums (http://www.programmingforums.org/forumindex.php)
-   Other Web Development Languages (http://www.programmingforums.org/forum40.html)
-   -   creating and useing an access log (http://www.programmingforums.org/showthread.php?t=13004)

sagedavis Apr 16th, 2007 12:25 PM
creating and useing an access log
 
Hi all.
I have a problem where I have a user that is adding spam content to one of my websites.

The website is built as a community project for users of a software called anim8or. Users are allowed to add links to their favorite tutorials on using the software and so on.

I had to stop working on the site, as I have been battling this spammer, who keeps adding multiple links to adult content and cialis and viagra type sites.

I have made it so that whenever someone adds an entry to the database, it gives me their ip address. And I can block that particular ip address.

As you know most people do not have a static ip address.

Anyway, I resolved the ip address and found out that the isp for this person is a company called layered technology, and that they have an abuse policy.

The company is willing to take action but they require that I give them the portion of "httpd access log".

Apparently, I do not have one on my server.

Here is the direct email that I recieved from the enforcement team.
Quote:
If this is being posted to a web-based forum/mail-form we will require the httpd access log excerpts demonstrating the connection/POST to be in a position to take action against our client.
It's not really a forum, nore is it mail, but, I figure there must be a way for me to monitor this, and show it to them.

My site is on a linux server, and I have built it all from scratch using PHP.

Any ideas would be great, thanks.
Sage

DaWei Apr 16th, 2007 12:41 PM
See your Apache config file (custom logs), or the Apache site for more detailed information. Presumes you're using Apache, of course.

Infinite Recursion Apr 16th, 2007 2:52 PM
I have had similar issues on my site from the same domain. IF you are running Apache, you can try looking for the log file named /var/log/httpd/access_log. Here is an example:

:
[root@pandora httpd]# pwd
/var/log/httpd
[root@pandora httpd]# cat access* | grep layered
26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:33 -0500] "GET / HTTP/1.1" 200 4753 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:34 -0500] "GET /guestbook HTTP/1.1" 301 321 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:35 -0500] "GET /guestbook/ HTTP/1.1" 200 482 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:35 -0500] "GET /guestbook HTTP/1.1" 301 321 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:36 -0500] "GET /guestbook/ HTTP/1.1" 200 482 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
26.153.36.72.reverse.layeredtech.com - - [20/Mar/2007:12:28:37 -0500] "GET /books.html HTTP/1.1" 200 885 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"

In attempts to block them, you can add this in /etc/hosts.deny:
:
ALL: layeredtech.com

And/Or this in the .htaccess of the directory that's being hammered:

:
order allow,deny
deny from layeredtech.com
allow from all


All times are GMT -5. The time now is 2:03 AM.

Powered by vBulletin® Version 3.7.0, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Copyright ©2007 DaniWeb® LLC