i am using a windows based shared server hosting and have 2 sites on it. when i am checking logs, i have entries like this: GET /cgi-bin/prxjdg.cgi en 404 what is this? what are they trying to do with proxy scripts? also, how can i prevent some attacks for my site? what should i be looking is there are attacks on the websites ? is there any way that i can block specific IP Address accesing the sites and also is there a application that can helps as Web Application Firewalls for windows based shared server hosting Thanks for sharing your inputs. Appreciate it.
Hi, Most likely some bot scans for open scripts that it can exploit. As long as they are not there, you are safe. Regarding the rest questions, contact your hosting provider. On Windows hosting you are very dependent on the global server security settings.
Regarding application firewalls for windows hosting, ISA 2006 from Microsoft is one of the best available. If you are using the webserver machine and also other normal machines from inside a single network, I suggest using the three legged perimeter network configuration in ISA. Keep your webserver in the perimeter and ensure you create firewall polices to allow only the services that you desire to host, through it.
Thanks for the reply. i am novice player in website management. i am using some CMS for my site. what you talk about Open scripts, can you give me some examples here? Thanks
Open scripts are scripts that are open to hackers (crackers, cybercriminals, script kiddies...) In the example you gave: /cgi-bin/prxjdg.cgi is the open script they're looking for. UseShots said it already, if you don't have those, you don't have to worry about blocking them. Your site as well as many others will always be scanned by bots looking for ways in. You'd go crazy trying to block everyone of them. Use good security policies, watch your logs and you'll be okay.