HELP Army of Taiwanese are hitting my webserver - VERY ODD

Discussion in 'Site & Server Administration' started by SERPalert, Jan 18, 2006.

  1. #1
    OK, so I'm getting an army of Taiwanese hitting my site

    a php script is logging them

    apache logs nothing

    I've done some poking around

    PHP:
    $http_host = $_SERVER['HTTP_HOST'];       // Host header sent by the client
    $request_uri = $_SERVER['REQUEST_URI'];   // request target from the request line
    $current_url = $http_host . $request_uri; // the two joined together

    echo $current_url;

    and I get this:
    168.95.5.151:25


    ID | IP | TIME | Current_url variable


    Can anyone help me? What is it? What are they doing? How will it affect me/my server/sites?
     
    SERPalert, Jan 18, 2006
  2. FeedBucket

    #2
    Looks like an attempt to poll your mail server.
     
    FeedBucket, Jan 18, 2006
  3. SERPalert

    #3
    How can a php script be being run but not logged by apache?

    Why does it think the current page is randomipaddress: port25

    I'm baffled
     
    SERPalert, Jan 18, 2006
  4. FeedBucket

    #4
    So am I. Where is that log you posted coming from?
     
    FeedBucket, Jan 18, 2006
  5. SERPalert

    #5
    That's a php script I threw together off the index page on one of my sites.

    I noticed another script of mine was logging LOTS of traffic all of a sudden.

    So I knocked this custom script together to log things.
     
    SERPalert, Jan 18, 2006
  6. FeedBucket

    #6
    Stupid question, but I have to ask. Is your webserver listening on port 25?
     
    FeedBucket, Jan 18, 2006
  7. SERPalert

    #7
    Following ports are open

    21
    22
    25
    53
    80
    81
    110

    So yes is the answer.
     
    SERPalert, Jan 18, 2006
  8. FeedBucket

    #8
    I mean, is Apache itself configured to show a web page if you connect to it on port 25 (usually the answer is no.) Like with a url like

    http://www.yourwebsite.com:25

    Still under the impression that they're attempted mail server accesses. Try taking a look at your mail logs...

    May also want to kill Apache for a bit and check your processes for anything weird.
     
    FeedBucket, Jan 18, 2006
  9. SERPalert

    #9
    My dedicated hosting provider weren't responding however they've now called me back.

    They're looking into the problem and will phone me back. I'll keep you updated if you're interested.

    Port 25 wasn't serving http.
     
    SERPalert, Jan 18, 2006
  10. SERPalert

    #10
    For now I've asked them to block the whole of Taiwan. The tech *thought* they were using my server to try and probe mail servers on other machines.

    He couldn't answer why my php script would log them but not apache.

    For now I'm not panicking as much. And I'm going to leave the office at last.

    TYVM for your help.
     
    SERPalert, Jan 18, 2006
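
Added example, not code from any poster in this thread: one way to extend the logging script so it records the request method, Host header and request target separately and flags targets of the `host:port` form seen in the first post. The function name, the `$ownHosts` list, the `example.com` names and the sample requests are assumptions; the `CONNECT` method and missing Host header in the first sample are one possible way that value could arrive, which the thread does not establish.

```php
<?php
// Added example: classify a request from $_SERVER-style values so the log
// shows which field carried "host:port". $ownHosts is an assumed list of the
// names this site really answers to.
function classify_request(array $server, array $ownHosts): array
{
    $method = strtoupper($server['REQUEST_METHOD'] ?? '');
    $host   = strtolower($server['HTTP_HOST'] ?? '');
    $target = $server['REQUEST_URI'] ?? '';
    $flags  = [];

    // Normal requests use origin-form targets that start with "/".
    // "host:port" is authority-form, which HTTP defines only for CONNECT.
    if (preg_match('/^[A-Za-z0-9.\-]+:(\d{1,5})$/', $target, $m)) {
        $flags[] = 'authority-form target, port ' . $m[1];
    } elseif (preg_match('#^[a-z][a-z0-9+.\-]*://#i', $target)) {
        // Absolute-form ("http://other.host/...") is what a forward proxy receives.
        $flags[] = 'absolute-form target';
    }
    if ($method === 'CONNECT') {
        $flags[] = 'CONNECT method';
    }
    // A missing Host header, or one naming a machine that is not ours,
    // means the client is not addressing this site.
    if ($host === '') {
        $flags[] = 'no Host header';
    } elseif (!in_array(preg_replace('/:\d+$/', '', $host), $ownHosts, true)) {
        $flags[] = 'foreign Host header';
    }

    return ['method' => $method, 'host' => $host, 'target' => $target, 'flags' => $flags];
}

// Constructed samples: the first reproduces the value shown in the thread,
// assuming it arrived in REQUEST_URI with no Host header; the second is an
// ordinary page view.
$samples = [
    ['REQUEST_METHOD' => 'CONNECT', 'REQUEST_URI' => '168.95.5.151:25'],
    ['REQUEST_METHOD' => 'GET', 'HTTP_HOST' => 'www.example.com', 'REQUEST_URI' => '/index.php'],
];
foreach ($samples as $s) {
    $r = classify_request($s, ['www.example.com', 'example.com']);
    printf("%-7s host=%-16s target=%-16s %s\n", $r['method'], $r['host'] ?: '-',
        $r['target'], $r['flags'] ? implode('; ', $r['flags']) : 'ok');
}
```

Logging the three fields separately, rather than the concatenated `$current_url`, shows whether the `host:port` string came from the Host header or from the request line.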