I am baffled by some entries in my server logs, specifically the web-server logs. Other than normal, expected traffic, I have noticed three types of request errors (eg 404, etc.):
- Broken links, ie links from old, external pages that point to pages that are no longer here
- Sequences of probes, ie some jerk trying to hack in by scanning my server for a series of exploitable admin type pages and such
- What appear to be completely random requests for things that have never existed on the server or even have anything to do with the server, and appear by themselves (ie not a series of requests like the probes)
Could it somehow be a mistyped URL or IP? That’s about the only thing that I can think of, but still, how could I get a request on say, foobar.dyndns.org (12.34.56.78) for something like www.wantsfly.com/prx2.php
or /MNG/LIVE
or http://ant.dsabuse.com/abc.php?auth=45V456b09m&strPassword=X%5BMTR__CBZ%40VA&nLoginId=43
. (Those are a few actual requests from my logs.)
Can someone please explain scenario three to me? Thanks.
Those are probably attempts to use your web server as a web proxy.