Apache Friends Support Forum

I've had a consistent amount of flooding on my server lately due to the infamous webdav exploit. I've removed the entire folder and have no future plans of using that particular service.

Even with the folder removed My apache logs show attempts of some overconfident skids trying to execute commands via webdav(which obviously does not exist).

My question, is there a method of filtering out just these irrelevant logs? My moderators are extremely annoyed with the situation as they are having trouble distinguishing floods from visitors. Keep in mind there are literally hundreds of unique IP addresses' retrieving so a simple .htaccess IP block is out of the picture.


Thanks in advance ~Dave

waveydaveywaves wrote:My question, is there a method of filtering out just these irrelevant logs?

Sure! If you don't let Apache listening to the whole wide world, your problem is solved.

XAMPP is not made for productional environments!
Nobody should give you support for your live system because it is obvious that you don't have the knowledge to harden the XAMPP single components that they are secure enough to listen to the internet.

Such a wild server in the internet is not just a security issue for your own system, but for other internet users too.