dodgy things in apache log

txt3rob

Verified User
Joined
Jan 16, 2007
Messages
101
Code:
[Tue Apr 22 06:00:39 2008] [error] [client 78.111.69.113] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Tue Apr 22 06:00:40 2008] [error] [client 78.111.69.113] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Tue Apr 22 07:25:07 2008] [error] [client 216.240.132.119] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Tue Apr 22 07:25:08 2008] [error] [client 216.240.132.119] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Tue Apr 22 08:29:36 2008] [error] [client 81.209.145.131] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
[Tue Apr 22 08:29:36 2008] [error] [client 81.209.145.131] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)

i know the stadard thing would be ban them via the firewall but i've tryed to make an auto script to do this but it failed so used .htaccess. i understand they are scanning my server for ways to exploit but any one got a way that i can tell apache to tell them to get lost basically? like a rewrite rule or something?
 
or how do i remove crap like this
Code:
[Wed Apr 23 10:04:48 2008] [warn] [client 83.18.57.210] mod_include: Options +Includes (or IncludesNoExec) wasn't set, INCLUDES filter removed

its all over my error log
 
Setting Options +Includes in .htaccess or httpd.conf is overwritten by the additional configuration file, so you need to replace additional configuration by replacing "AllowOverride None" with "AllowOverride Options".
 
Back
Top