View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions Bad access. Remove ip using iptables
Log in to Ask a Question

Bad access. Remove ip using iptables

networking

I have found this in my access.log this morning:

222.187.220.162 - - [10/Mar/2009:14:22:04 +0000] "GET http://pv.wantsfly.com/prx1.php HTTP/1.0" 404 326 "- " ….

How is this ip trying to access an external site from my address? How can I stop it from happening again?

Thanks

3 Replies

You can request anything you want via HTTP, and they did get a 404 "page not found" response from your server.

However I believe what they/this virus/worm/spammer wanted was to get you to visit their site and/or share the link with others.

http://en.wikipedia.org/wiki/Referer_spam

It's searching for open proxies. It happens all the time. Your web server returned a 404, so it's not an open proxy.

You could configure fail2ban or something to block IPs that make requests like that. Personally, I don't do anything about it. They don't do any harm, and it's not worth the effort.

Edit: Oh, someone else responded first.

Thanks for you prompt responses.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct