what is going on here?

[Einstein47]

In my access_log I see a bunch of really odd messages. In addition to my expected traffic hitting my login page, I also see the following:

61.145.234.XXX - - [date] "GET [URL unfurl="true"]http://www.pornsite.com/members/[/URL] HTTP/1.1" 401 16057

This has been going on for several weeks at various IP addys (although the domain seems to be the same), and various odd porn sites. Most of the time it is a 401 status, but sometimes I see 403, 200, and 302.

First - should I be worried about this?
Second - can I do anything about it?
Third - why isn't my company's firewall blocking this junk?

My main site is https and without a login this id01t won't get to my site; however, he is still using my resources and making a bad name for my IP. At the very least he is filling my logs with a list of raunchy web sites.

If anyone has any advice, I'd be willing to listen - and give stars Einstein47
("The only reason I would take up exercise would be so I could hear heavy breathing again.&quot

 

[danielhozac]

It seems to me like someone is trying to use your website as a proxy server to view bad sites. Make sure that all the proxy directives in your [tt]httpd.conf[/tt] are commented. And not knowing anything about your firewall, I can't really tell why it should be blocking these requests.

//Daniel