--- "Michael T. Dean" <[EMAIL PROTECTED]> wrote: > [Mess of top-/bottom-posts re-formatted so this actually makes > sense...] > > Mark Kundinger wrote: > > >--- Jeff Simpson <[EMAIL PROTECTED]> wrote: > > > >>On 10/6/05, Tj <[EMAIL PROTECTED]> wrote: > >> > >> > >>>Do you have mythweb running? Is it protected from the Internet? > >>> > >>>Maybe some body has found your site on google and decide what you > can see, and what you can't.. :p > >>> > >>> > >>Or more likely, something is spidering mythweb and thus clicking on > >>every delete link in the process > >> > >Okay, I can fairly simply test that by just turning httpd off (or > >blocking port 80) for a week or so and see if that really is the > >problem. > > > > > Sure--if you prefer indirect evidence. Or, for direct evidence, you > can > simply check your mythweb access logs for lines like: > > XXX.XXX.XXX.XXX - bobsmyth [25/Sep/2005:07:36:16 -0400] "GET > /myth/recorded_programs.php?delete=yes&file=%2Fvideo%2Fmythtv%2F1024_20050919230000.mpg > > HTTP/1.1" 302 27 > > (although, without authentication, you shouldn't have a > username--bobsmyth--in there.) > > >Is there a more "correct" way to protect my MythWeb from hackers > and/or > >spiders? > > > robots.txt ( > http://www.searchengineworld.com/robots/robots_tutorial.htm > ) can be used to tell robots how to index a site, but you shouldn't > be > allowing them access in the first place...
Well, I was too ignorant and lazy to try to determine for reals what was going on with my web server, but I did disable access to my mythbox from the outside Internet. And I've now gone a whopping 9 days without any curious file deletions or schedule changes. So, my next project will be to secure Apache a little bit. :) _______________________________________________ mythtv-users mailing list mythtv-users@mythtv.org http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users