i just launched 4 days ago and i was checking referrers and where most hits were coming from and i came across this http://192.168.10.215:15871/cgi-bin/blockOptions.cgi i tried to google the .cgi name and it made no sense. thoughts?
email and ask them about this. It appears that you aren't the only person getting this IP address cropping up in referer stats and doesn't know why
why would i need to email internet assigned numbers authority about router ip abuse. the ip is a local server router. soooo it could be coming right off the server somewhere O_O
Did you try the resetting the router? Or did you change the IP/DNS management in BIND anytime? Did you change any networking configurations? So many factors... really hard, wipe your HDD clean and start over!
The 192.168.10.215 ip is the ip address on someones local network and they have created a page on their local web server called "blockoptions.cgi". On the page that they are try to "hack" on your web server, ban that ip address becasue there is no reason for legit users to refer from a local page. Bascially I would set it up so that "if referer = dodgy referer then redirect to another harmless page". The hacker will keep trying to change their ip etc and get around it but you must persist in protecting yourself if its a hassle to you. Server and web site security is sometimes a battle of wits and patience but as we all know persistence always wins.