Sneaky, sneaky ..

While investigating errors in my php_errors log file yesterday I stumbled across someone leaching data from one of our sites. I blocked him with a .htaccess entry but by the time I left work yesterday they hadn’t noticed that their application wasn’t working.
I came into work this morning and saw that the requests had stopped. Good! Then I grepped for libwww-perl and was disappointed to see requests going to our main server for the same data. A .htaccess file stopped that too but it’s tiresome.
I should check referers but that’s not guaranteed to work and that method actually bit us hard a few years back when a partner couldn’t access data from their site. 🙁
Are there any apps out there for detecting this sort of thing from the log files? I’m guessing that a statistical analysis of the logs would show up lots of the same or similar requests over a short period and/or repeated on a regular basis.
Anyway, thank you for adding one more job to my list of things to do. I’ve already mailed abuse at your ISP. They may be in touch soon.

Leave a Reply

%d bloggers like this:

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.