My apache2 log is bombarded with lines like:
108.5.114.118 - - [03/Aug/2012:15:23:28 +0200] "GET http://xchecker.net/tmp_proxy2012/http/engine.php HTTP/1.0" 404 1690 "http://xchecker.net/tmp_proxy2012/http/engine.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x 4.90)"
I am puzzled by this — why is a request for some weird xchecker.net
domain ending up on my server in the first place?!
The request comes every few dozens of seconds, must be a robot. Any ideas what it is?
Btw that URL is valid — apparently it contains some test page…
Best Answer
Somebody is checking if your server is a open proxy by requesting:
GET http://xchecker.net/tmp_proxy2012/http/engine.php HTTP/1.0
It doesn't look like you are running an open proxy since it responded with a
404
.For more information on this see: http://wiki.apache.org/httpd/ProxyAbuse
Especially the "But how can I be really sure that I am not allowing the abuse of other sites" part.
We can't tell why it continues to try it even after it should be clear that you don't run a proxy.
Maybe that guys script is broken.