In my access logs i have some requests like so:
[18/Dec/2014:10:07:51 +0300] "GET /favicon.ico HTTP/1.1" 301 184 "-" "Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20110814 Firefox/6.0 Google favicon"
[18/Dec/2014:11:35:11 +0300] "GET http://s1.bdstatic.com/r/www/cache/static/home/img/logos/nuomi_ade5465d.png HTTP/1.1" 301 184 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.3; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.3072; .NET CLR 2.0.50727; .NET CLR 3.0.30729; Tablet PC 2.0)"
what's this? Should I be concerned about security?
Best Answer
There is no reason for concern in the log entries you posted.
The first is a request for an image file that many browsers use as icon when displaying a page from your site or a bookmark.
The second request is an attempt to use your server as HTTP proxy. However it looks like your server just ignores the proxy part of that attempt and instead responds as if it had been a local site.
If you want to be certain, you can test it manually using telnet. Here is what it looks like on one of my servers:
And here is what it looks like if I try to access the root of the domain:
Both of the above were served by my default vhost.
In your case I would assume you have a default vhost configured to redirect everything to your actual domain.