Results 1 to 8 of 8
Thread: OPTIONS * HTTP/1.0" 200 138
-
12-18-2008, 05:32 PM #1WHT Addict
- Join Date
- Aug 2002
- Location
- Canada!
- Posts
- 161
OPTIONS * HTTP/1.0" 200 138
Quote:
::1 - - [18/Dec/2008:13:22:40 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:22:44 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:22:45 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:22:47 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:22:48 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:22:49 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:22:50 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:23:27 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:24:19 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:24:33 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:25:56 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:25:57 -0800] "OPTIONS * HTTP/1.0" 200 138
::1 - - [18/Dec/2008:13:25:59 -0800] "OPTIONS * HTTP/1.0" 200 138
I've been seeing this in my log for the last hour or so. What's going on?
-
09-29-2009, 06:51 AM #2Web Hosting Guru
- Join Date
- Jun 2003
- Location
- Ukraine
- Posts
- 263
any updates?
-
09-29-2009, 09:34 AM #3Aspiring Evangelist
- Join Date
- Mar 2009
- Location
- /home/khunj
- Posts
- 433
NinTechNet
★ NinjaFirewall : Web Application Firewall for PHP and WordPress.
★ NinjaMonitoring : Monitor your website for suspicious activities.
-
09-29-2009, 09:39 AM #4Web Hosting Guru
- Join Date
- Jun 2003
- Location
- Ukraine
- Posts
- 263
I see no problem with TS's local time. That was 2008th
But I saw similar records today. They start to appear in the same time I have DDoS from IPv6 networks.Last edited by AlexAT; 09-29-2009 at 09:40 AM. Reason: "no reason, just want to edit"
-
09-29-2009, 09:56 AM #5Aspiring Evangelist
- Join Date
- Mar 2009
- Location
- /home/khunj
- Posts
- 433
OK, then nothing to worry at all !
If you don't want to log them, setup an environment variable in your apache conf file :
SetEnvIf Remote_Addr "127\.0\.0\.1" nolog
Then add it to your vhost acces log line :
CustomLog /foo/bar/access.log combined env=!nologNinTechNet
★ NinjaFirewall : Web Application Firewall for PHP and WordPress.
★ NinjaMonitoring : Monitor your website for suspicious activities.
-
09-29-2009, 10:07 AM #6Web Hosting Guru
- Join Date
- Jun 2003
- Location
- Ukraine
- Posts
- 263
Thank you.
But I was worried not about logs but about DDoS.
I thought it's related since IPv6 there and there.
-
09-29-2009, 10:26 AM #7Aspiring Evangelist
- Join Date
- Mar 2009
- Location
- /home/khunj
- Posts
- 433
It is somehow related with your DDoS.
If you look at Apache doc :
When the Apache HTTP Server manages its child processes, it needs a way to wake up processes that are listening for new connections. To do this, it sends a simple HTTP request back to itself. This request will appear in the access_log file with the remote address set to the loop-back interface (typically 127.0.0.1 or ::1 if IPv6 is configured).NinTechNet
★ NinjaFirewall : Web Application Firewall for PHP and WordPress.
★ NinjaMonitoring : Monitor your website for suspicious activities.
-
09-29-2009, 10:37 AM #8Web Hosting Guru
- Join Date
- Jun 2003
- Location
- Ukraine
- Posts
- 263
I see, thank you.
However log flooding is nothing in comparing with DDoS.
I just disable IPv6 in apache and this problem was solved.Last edited by AlexAT; 09-29-2009 at 10:40 AM.