SitePoint Sponsor |
|
User Tag List
Results 1 to 2 of 2
Thread: Is this website abuse ?
-
May 16, 2005, 00:36 #1
- Join Date
- May 2003
- Posts
- 595
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Is this website abuse ?
Hi,
The following from our web server logs:
219.65.238.129 - - [02/May/2005:05:02:29 -0400] "OPTIONS /A-personal-word-from-the-director.doc HTTP/1.1" 200 - "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
219.65.238.129 - - [02/May/2005:05:03:11 -0400] "PROPFIND /A-personal-word-from-the-director.doc HTTP/1.1" 405 358 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
219.65.238.129 - - [02/May/2005:05:03:12 -0400] "PROPFIND /A-personal-word-from-the-director.doc HTTP/1.1" 405 358 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
219.65.238.129 - - [02/May/2005:05:03:20 -0400] "OPTIONS / HTTP/1.1" 200 - "-" "Microsoft Data Access Internet Publishing Provider Cache Manager"
219.65.238.129 - - [02/May/2005:05:03:21 -0400] "GET /_vti_inf.html HTTP/1.1" 302 312 "-" "Mozilla/2.0 (compatible; MS FrontPage 4.0)"
219.65.238.129 - - [02/May/2005:05:03:22 -0400] "POST /_vti_bin/shtml.exe/_vti_rpc HTTP/1.1" 302 312 "-" "MSFrontPage/4.0"
219.65.238.129 - - [02/May/2005:05:03:22 -0400] "OPTIONS /A-personal-word-from-the-director.doc HTTP/1.1" 200 - "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
219.65.238.129 - - [02/May/2005:05:03:26 -0400] "PROPFIND /A-personal-word-from-the-director.doc HTTP/1.1" 405 358 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
219.65.238.129 - - [02/May/2005:05:03:27 -0400] "PROPFIND /A-personal-word-from-the-director.doc HTTP/1.1" 405 358 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
219.65.238.129 - - [02/May/2005:05:03:27 -0400] "OPTIONS / HTTP/1.1" 200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
219.65.238.129 - - [02/May/2005:05:03:28 -0400] "PROPFIND /A-personal-word-from-the-director.doc HTTP/1.1" 405 358 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
219.65.238.129 - - [02/May/2005:05:03:22 -0400] "POST /_vti_bin/shtml.exe/_vti_rpc HTTP/1.1" 302 312 "-" "MSFrontPage/4.0"
Thanks,
Peter
-
May 16, 2005, 01:55 #2
- Join Date
- Dec 2004
- Location
- London, UK
- Posts
- 1,376
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Hi,
Personally it just looks like somebody who's gotten mixed up and tried to edit a document and upload it to th site (or just not realizing that they can't change the document and let Windows do the rest).
Basicly WebDav handles the PROPFIND and PUT protocol methods to allow people to upload, browse and modify documents using a WebDav client. Having WebDav enabled on the server can be a risk (and a severe pain in the **** when trying to admin a FrontPage server), but if you don't have it enabled it poses no risk to you at all.
If you want to automaticly deny the PROPFIND and PUT methods just to feel a lilttle safer, you can use the following in your apache configuration:
Code:<Limit GET POST HEAD> Order allow,deny Allow from all </Limit> <LimitExcept GET POST HEAD> Order deny,allow Deny from all </Limit>
- Harry
Bookmarks