: What is module/aciton/param1 entry in access logs about? Noticing the following in my Apache access logs recently and would like to know what it is about and what is the purpose of printing

@Jessie594

First of all redirecting all unknown pages to your homepage has the potential to badly affect your SERP ranking as the crawler will see a potentially huge number of pages which don't actually exist as existing and being exact duplicates of your homepage. If a page does not exist on your server according to standard and as is best practice for SEO your server should return a 404 error and whatever 404 error page you have designed or chosen to use for your site.

Now as for the entry in your log the zh-CN in the user agent string would tend to indicate a high likelihood that this is originating from somewhere in China and the Windows NT 5.1 part indicates an extremely old operating system. The nature of the URL string in the log would indicate to me that this is an attempt to penetrate your site based on the assumption that it is powered by one of the popular MVC frameworks as those frameworks tend to use the URL sequence /module/action/param.

Unfortunately there is not a huge amount that can be done to prevent this as attacks of this type are common on the web. As a webmaster you can keep an eye on how often these attacks show up in your server logs, and potentially block the netblock of the offending IP address.

Vote Up Vote Down