Ed Colmar schrieb: > > Hmm... > > Ok the 404 thing I understand, but they are coming in at such a high > rate it makes me nervous... Maybe this is some form of distributed DOS > attack?
Try to get another IP if this is possible. But else you dont have any way to avoid it - we all have such in the logs when we run public servers. > On Closer inspection I do see some 200 codes in there as well, like: > > 69.70.140.130 - - [22/Dec/2005:13:40:59 -0800] "CONNECT > 208.146.35.106:6667 HTTP/1.0" 200 82 > 69.70.140.130 - - [22/Dec/2005:13:40:59 -0800] "CONNECT > 208.146.35.106:6667 HTTP/1.0" 200 82 > 69.70.140.130 - - [22/Dec/2005:13:40:59 -0800] "CONNECT > 208.146.35.106:6667 HTTP/1.0" 200 82 > 69.70.140.130 - - [22/Dec/2005:13:41:00 -0800] "CONNECT > 208.146.35.106:6667 HTTP/1.0" 200 82 > > Should I be worried about this one? CONNECT is ssl, did you set up SSL for your site? If not you can just disallow CONNECT in apache. _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )