A possible logging bug
-
Hi,
Today I had a bot blocked by NF while trying to get to a few .php pages on my site. As you can see below, the NF log recorded them as being hits to /index.php.
12/Jan/19 10:39:36 #7969112 MEDIUM 306 51.38.48.186 GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - MYDOMAIN.com.br 12/Jan/19 10:39:36 #5272081 MEDIUM 306 51.38.48.186 GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - MYDOMAIN.com.br 12/Jan/19 10:39:41 #1561380 MEDIUM 306 51.38.48.186 GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - MYDOMAIN.com.br 12/Jan/19 10:39:46 #5967783 MEDIUM 306 51.38.48.186 GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - MYDOMAIN.com.brHowever, for the same timestamps (adjusted for the time zone difference), my server raw access log have the file names recorded differently: https://snag.gy/P4dNR0.jpg.
Let me know if I can provide more info on this.
Thanks for this great plugin!
Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
The topic ‘A possible logging bug’ is closed to new replies.
