Kind of scary, but I’ve been using GraffitiCMS from the very early days when Telligent had it in beta, to the point when I plonked down $99 to buy it, through to today’s version which is open-source. That’s five-plus years, folks. There’s virtually no support or plug-ins for it any more, but it’s pretty easy to write your own anyway. It’s just ASP.NET with a few libraries.
One of the plug-ins I picked up way back when was Scott Cate’s 404 logging tool (it’s no longer around to download, I’m afraid). It basically listens for 404 errors and logs them. Nothing too complicated; it’s up to you to then decide what to do. After some fiddling around on this site over the Christmas period I turned the plug-in on again – I’ll admit I get to a point where I’m tired of seeing the same old errors over and over (see below) and I turn it off – to see if there were any errors I’d managed to introduce in all my work.
The top couple of 404 errors over the past three days are pretty obvious in this day and age and are easily fixable, if I wanted to:
In essence, people are visiting the blog with an iPhone and Safari is trying to find one of these two icons for display. The way the blog works is to redirect iPhone users to a different view of the site (one, two, three, wrap-up), optimized for the iPhone, and so fixing this problem on the main view is hardly necessary. I’ll probably do it just for neatness’ sake.
And then the fun starts:
and even:
Hmm. All of these have, as referral page, the main page here on the blog. In other words, the fisherman (fishermen?) are arriving at the home page for this blog, and then typing in these PHP standard URLs hoping for a catch. Since this site doesn’t use PHP or Wordpress, it registers a 404 error. Now, OK, these might be benign – there might be some people out there who want to be members of this blog. To which I say, sorry all, this is my blog and only I post to it. If you want an RSS feed of the posts, click the Subscribe link on the top menu; for an RSS feed of the comments, click the Comments feed link there too.
Concerning PHP and WordPress sites though, I’m well aware of their reputation for being hacked. Yes, agreed, since WordPress is open-source, any spotted vulnerability tends to be fixed extremely quickly, but it relies on the site’s webmaster updating his version regularly and often. Also WordPress plug-ins tend to be the problem areas – WordPress itself is by now extremely secure. To me though, these hand-typed fishing URLs are there to work out whether this site uses PHP/WordPress and, if so, which version – and hence which vulnerabilities could be exploited.
I’m now considering what special code I can write/execute when someone tries for a PHP page. It would be fun, for example, to have a fake static page and see what they enter. I’ll ponder a little.
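Before writing any special code, the first job is telling the three kinds of 404 apart: Safari’s icon requests, probes for PHP/WordPress paths that this site cannot serve, and ordinary broken links. The script below is an added example, not the 404 logging plug-in’s code; the pipe-separated log layout and the sample lines are constructed for the demonstration, and the site name and addresses are placeholders.

```python
import re
from collections import Counter, defaultdict

# Constructed sample 404 log (not the plug-in's real format):
# time | client address | requested path | referrer ("-" when none)
SAMPLE_404_LOG = """\
2013-01-05 10:01:02 | 203.0.113.7  | /apple-touch-icon.png             | -
2013-01-05 10:01:02 | 203.0.113.7  | /apple-touch-icon-precomposed.png | -
2013-01-05 10:14:55 | 198.51.100.9 | /wp-login.php                     | http://blog.example/
2013-01-05 10:14:56 | 198.51.100.9 | /wp-admin/                        | http://blog.example/
2013-01-05 10:14:57 | 198.51.100.9 | /xmlrpc.php                       | http://blog.example/
2013-01-05 11:30:00 | 192.0.2.44   | /old-post-url                     | http://blog.example/2012/
2013-01-05 11:45:10 | 192.0.2.80   | /wp-login.php                     | http://blog.example/
"""

# Safari asking for a home-screen icon: harmless, fix by serving one or redirecting.
IOS_ICON = re.compile(r"^/apple-touch-icon(-precomposed)?\.png$")
# Anything ending in .php, or under the standard WordPress directories:
# an ASP.NET site serves none of these, so no legitimate link points at them.
PHP_PROBE = re.compile(r"(\.php$)|(^/wp-(admin|content|includes)/)", re.I)

def classify(path):
    if IOS_ICON.match(path):
        return "ios-icon"
    if PHP_PROBE.search(path):
        return "php-probe"
    return "other"          # broken links, typos: review by hand

def triage(log_text, scanner_threshold=3):
    """Count each class of 404 and pick out clients that fire several
    PHP/WordPress probes, which is the fingerprinting pattern described above."""
    counts = Counter()
    probes_by_client = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _, client, path, referrer = [f.strip() for f in line.split("|")]
        kind = classify(path)
        counts[kind] += 1
        if kind == "php-probe":
            probes_by_client[client].append((path, referrer))
    scanners = {c: p for c, p in probes_by_client.items() if len(p) >= scanner_threshold}
    return counts, scanners

if __name__ == "__main__":
    counts, scanners = triage(SAMPLE_404_LOG)
    print(dict(counts))
    for client, probes in scanners.items():
        print(client, "->", [path for path, _ in probes])
```

Lowering `scanner_threshold` to 1 treats every single PHP request as suspicious, which is reasonable on a site that has never served PHP.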
3 Responses
#1 scott cate said...
05-Jan-13 3:13 PM
Pretty sure I can find that source code if you're interested.
#2 julian m bucknall said...
05-Jan-13 7:20 PM
Just as a placeholder (I'll need it later): Scott has placed his 404 logging plug-in source in GitHub.
#3 Erik said...
07-Jan-13 1:59 PM
Just for fun, on my site I loop through
alert('Encountered server error. Please recheck your information and re-submit.');
a couple of dozen times in succession if my form submission JS encounters an "http://" or "search engine optimization" in the last name or "question" fields.
Don't see any of those come in anymore...