Results 1 to 16 of 16
  1. #1
    ABW Ambassador MoneyBusiness's Avatar
    Join Date
    March 14th, 2006
    Posts
    2,051
    Do you check your logs everyday?
    How often do you check your raw log stats on your servers? I've been making a point of it recently, to make sure nothing fishy is going on, and of course I find a URL entry that reads like:

    /cgi-bin/awstats/awstats.pl?configdir=|echo;id%00

    That spooked me a little, as I can't imagine what might happen if someone were to succeed. Do you guys run into attempts often on your servers? And if so, any advice on trying to stay one step ahead?

  2. #2
    15 years and counting
    Join Date
    January 18th, 2005
    Posts
    6,121
    I've my logs in real time on a dedicated screen for all my sites.
    I would not live without knowing what's going on.

  3. #3
    ABW Ambassador MoneyBusiness's Avatar
    Join Date
    March 14th, 2006
    Posts
    2,051
    Quote Originally Posted by Zeus
    I would not live without knowing what's going on.
    I can see why, especially after seeing that entry in my log. I had mainly looked through it to see which bots were visiting my sites, but now I feel I'm not checking often enough..

  4. #4
    Lite On The Do, Heavy On The Nuts Donuts's Avatar
    Join Date
    January 18th, 2005
    Location
    Winter Park, FL
    Posts
    6,930
    Daily? Too much log review makes Donuts glaze over...

    I mine my logs monthly using some parsing tools and look at raw logs weekly (rotating through 1/4 of my sites each week).

  5. #5
    Newbie cafeman's Avatar
    Join Date
    October 24th, 2006
    Posts
    24
    Yeah I keep an eye on things and run the odd manual grep to take a look at specific things every now and then, but all in all I tend to use higher level analytics. If you are looking at your raw logs for security problems then it's already too late. Keep your boxes up to date and backup daily!

  6. #6
    15 years and counting
    Join Date
    January 18th, 2005
    Posts
    6,121
    Quote Originally Posted by cafeman
    If you are looking at your raw logs for security problems then it's already too late.
    I agree, but the sooner you're informed, the better. A downtime can also cost me a fortune.

  7. #7
    ABW Ambassador MoneyBusiness's Avatar
    Join Date
    March 14th, 2006
    Posts
    2,051
    I'm not at the level of dedicated servers yet, so all of my sites are shared-hosting (bluehost.com). Much of the security responsibility should still be on their end, right?

  8. #8
    Newbie cafeman's Avatar
    Join Date
    October 24th, 2006
    Posts
    24
    Quote Originally Posted by Zeus
    I agree, but the sooner you're informed, the better. A downtime can also cost me a fortune.
    When it comes down to security problems one usually is informed sooner than they can get to their raw logs. That was all I was trying to say. Occasionally I see people trying things out but there's nothing I can do about that if the hole they are trying to exploit does not exist. As I say, if it did exist then it's too late already.

    Quote Originally Posted by MoneyBusiness
    I'm not at the level of dedicated servers yet, so all of my sites are shared-hosting (bluehost.com). Much of the security responsibility should still be on their end, right?
    Yes. But make sure you have backups of your stuff, because even though it's their responsibility to whatever extent their TOS stretches, you still want to be back up and running asap.

  9. #9
    The slot machine that IS paid! Billy Kay's Avatar
    Join Date
    January 18th, 2005
    Location
    Small Town in Tennessee
    Posts
    5,226
    I only look if there a big increase, or decrease in sales, or when I see posts like this on ABW

  10. #10
    ABW Ambassador MoneyBusiness's Avatar
    Join Date
    March 14th, 2006
    Posts
    2,051
    Quote Originally Posted by Billy Kay
    ...or when I see posts like this on ABW
    lol - nothing like a little paranoia (I mean concern) every once in a while!

  11. #11
    ABW Ambassador MoneyBusiness's Avatar
    Join Date
    March 14th, 2006
    Posts
    2,051
    Quote Originally Posted by cafeman
    Yes. But make sure you have backups of your stuff, because even though it's their responsibility to whatever extent their TOS stretches, you still want to be back up and running asap.

    ok thanks. I run regular backups, and to tell you the truth, not quite 100% assured that the host is reliably secure either.

  12. #12
    Affiliate Manager Matt McWilliams's Avatar
    Join Date
    July 21st, 2006
    Location
    Fort Wayne, IN
    Posts
    2,838
    MoneyBusiness,

    First of all, Happy Birthday!

    I know this is a simplistic suggestion, but make sure you change your passwords frequently with anything associated with hosting.

    Learned that one the hard way many years back
    Matt McWilliams
    Call Me At: (317) 825-8826 | Follow Me On Twitter: @MattMcWilliams2 | Connect With Me On LinkedIn

  13. #13
    ABW Ambassador MoneyBusiness's Avatar
    Join Date
    March 14th, 2006
    Posts
    2,051
    Thanks Matt. Yeah, it's something i do on a "somewhat regular" basis. So many to keep track of I have to keep them in a book (safe isn't it!?).

  14. #14
    .
    Join Date
    January 18th, 2005
    Posts
    2,973
    Every day, I see multiple requests looking for various scripts and DLLs on my servers, all of which fail (404); these are "bots" that are running to try to find servers with security holes. They aren't really worth worrying about.

    There are probably at least tens of thousands of "zombie" computers out there executing scripts (some running 24/7, others during off-peak hours) in an effort to find more machines to conquer -- the number might be hundreds of thousands of computers around the world. Even if you somehow obtain for an IP address which has actually never been used before, you will probably see multiple "hack attempts" within the first few hours.

    I check my log files "occasionally," which sometimes means a few times a week, and sometimes it means once a month or less. When I'm working with a client, I sometimes check those log files daily, but often will let weeks or even months pass without checking anything "low-level."

  15. #15
    ABW Ambassador MoneyBusiness's Avatar
    Join Date
    March 14th, 2006
    Posts
    2,051
    Yeah, I just realized that it was by a bot as well (named ChaosBot). I did a G search on the IP address and it seems to be coming from some type of mail server. Oh well! It's good to know that it does happen often, but amounts to nothing. It's just one thing I would hate to have to worry about!

  16. #16
    Merchant & ABW Ambassador
    Join Date
    May 31st, 2006
    Location
    Houston TX
    Posts
    4,731
    Happy Birthday MB.

    I look at my stats to identify the top affiliates, traffic trends, top landing page and helping affiliate optimize their site and our program, etc
    Don't do it that often though but at least a few times a week. Wish I had an assistant or an intern

    I have other tools to send me updates via email.
    Yet to get a dedicated screen like Zeus

  17. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Everyday Health contact?
    By soneill in forum Rakuten LinkShare - LS
    Replies: 3
    Last Post: July 10th, 2012, 05:54 PM
  2. Do DataFeeds change everyday?
    By johnnyWebAffiliate in forum Programming / Datafeeds / Tools
    Replies: 2
    Last Post: March 17th, 2006, 07:47 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •