What does OPTIONS mean in my access_log? 1

[Einstein47]

I have been using apache for a long time now, and just recently I have noticed requests in my access_log that look like this: [red]"OPTIONS / HTTP/1.1" 200 -[/red]

I am familiar with "GET and "POST and even have see the occasional "HEAD, but I have no clue about "OPTIONS. Should I be concerned?

I ask because it seems the same IP is hitting my server like 20 times in a row and then stops for an hour, then comes back and hits it again for 20 times, then stops. Seems like some sort of malicious activity.

Should I try to prevent this? Should I block that IP? What exactly does OPTIONS mean/do?

Thanks in advance,

Einstein47 (Starbase47.com)
“PI is like love - simple, natural, irrational, endless, and very important“

 

[feherke]

Hi

I am familiar with "GET and "POST and even have see the occasional "HEAD, but I have no clue about "OPTIONS.

Honestly, neither I. I only know it from RFC 2616 :

The OPTIONS method represents a request for information about the
communication options available on the request/response chain
identified by the Request-URI.

Seems like some sort of malicious activity.

Not necessarily.

For example, this can be used to test
a proxy for HTTP/1.1 compliance (or lack thereof).

Should I try to prevent this?

Personally I would not. But you can instruct your server to deny such requests using the [tt]Limit[/tt] or [tt]LimitExcept[/tt] directive.

Feherke.

http://rootshell.be/~feherke/