August 6th, 2006, 08:27 PM
Apache Log Entry ?
192.168.2.3 - - [19/Mar/2005:22:01:10 +0000] "OPTIONS / HTTP/1.1" 200 -
192.168.2.3 - - [19/Mar/2005:22:01:10 +0000] "PROPFIND /VideoLibrary HTTP/1.1" 405 314
I found these entries in a log file on my Apache/PHP server the other day.
They don't look like normal GET requests to me.
Does anyone know what they mean ?
August 6th, 2006, 10:05 PM
read the rest... http://en.wikipedia.org/wiki/WebDAV
WebDAV added the following methods to HTTP:
* PROPFIND — Used to retrieve properties, persisted as XML, from a resource. It is also overloaded to allow one to retrieve the collection structure (a.k.a. directory hierarchy) of a remote system.
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
August 7th, 2006, 01:30 AM
Looks like it came from the LAN, to boot.
And it's been awhile.
“Everybody is ignorant, only on different subjects.” — Will Rogers
August 7th, 2006, 09:59 AM
Keep in mind, Internet Explorer and Office installed tend to send WebDAV commands to the server while surfing. Interesing, yes. Nefarious, probably not. You do have to watch out for the PUT method. I've seen websites getting defaced using that method.
Experience is something you don't get until just after you need it.
August 7th, 2006, 02:54 PM
Since nobody mentioned this one 'options' is just a way of asking the web server what HTTP Options (Get, post, put, delete, propfind, search, trace, etc) are allowed to that location...some will return more than one (iirc, iis with frontpage extensions will return public and private options), but most of the time you'll see it in the form of 'allow' (iirc). Some servers allow it and others don't, tried to show you the options for antionline, but it looks like it just displays the frontpage rather than trying to actually supply the allowed options (which isn't uncommon)...
EDIT: In response to Dice's post, there are other options that should raise your eyebrow other than PUT, especially if you allow them...my recommendation would be to use Apache to limit them to whatever is needed (probably only GET, maybe POST?)...
Use LimitExcept to do this... (be careful, you can toast your website quickly if you do this wrong )...
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)