File not found in apache error log

It appears to me that you are seeing the results of some sort of automated/deliberate attack on your web server. Someone or some program is looking for an application possibly that was installed with no password or a default password or an application with a known vulnerability.

We get these all the time on the web sites we host and for anything like this, we can't respond too, we have either a custom 404 page or we issue a custom 301 to the home page of the site in question.

you could try looking at the access log for that domain to see if there is any correlation between a specific request and the generation of that error.

to find your logs try something like this:

grep CustomLog /etc/httpd/conf/httpd.conf

logfile will be somewhere like:

/usr/local/apache/domlogs/domain.co.uk

you could then grep this file for the time from the apache error log and see if that shows up anything?

My usual rule of thumb is that if the file does not exist (and never did) on my server, AND if the referrer URL is a zillion characters long (and not from your own site), the chances of it being an exploit attempt are pretty good.

Like ericmayo, we utilize mod_rewrite to forward any 404's to the main site. We have in the past done some coding where referer.log is parsed for exploit attempts and any suspect entries put into a "deny" list. (.htaccess is your friend)

If you're using apache, this might be of some assistance.

I'm with k3ri & ericmayo -- it's an automated exploit attempt.

having seen many similar exploit attempts in logs for over a decade, I long ago bailed out on attempting to add referrer IPs to deny lists -- because with literally millions of Windows clients pwned by bot-herders large and small, you end up creating lookup overhead for every request, thus increasing server latency more than you can ever gain from filtering out the ever-changing attack sources.