1 Reply Latest reply on Aug 9, 2006 6:35 AM by Stressed_Simon

    Hacking Probes

    dempster Level 1
      Many times when I look at the application.log file, I'll see a series of "file not found" errors for the same non-existent pages: feature.cfm, search.cfm, schedule.cfm, video.cfm, newsletter.cfm, archive.cfm, directions.cfm and mail.cfm.

      I assume these are from a hacker trying to find a point of entry into our system. Does anyone know more about these kinds of attempts? To keep my log file from getting cluttered with these entries. I was thinking of creating files by those names that just returned a blank screen or else redirected to my home page. Would there be any risk to that strategy?
        • 1. Hacking Probes
          Stressed_Simon Level 1
          I would advise against that. 404s are legitimate status codes and are there to show that the page does not exist.. If your web server has been configures correctly then they wont put any additional load on ColdFusion.

          You should only redirect to another page instead of a 404 if ther URL has changed and you are redirecting to the new location.