More information out of error log?

Nick Pearson nick.pearson at gmail.com
Wed Jan 14 02:42:00 MSK 2009


Hi Ilan,

Try changing the output format for the error log file to include the user
agent.  Or, look for requests to /letters/.mp3 in your access log, which may
already contain the user agent.  You may find that these requests are coming
from a bot that is parsing the links in your site incorrectly.  I see this
consistently on the ten or so sites I host, although the errors I usually
see are for the directory and filename with no file extension (such as
/forms/document when the link actually points to /forms/document.pdf).

It might also help to compare the remote IP addresses to see whether the bad
requests always come from the same IP or IP range which might indicate that
it is a bot.

On Tue, Jan 13, 2009 at 5:05 PM, Ilan Berkner <iberkner at gmail.com> wrote:

> Hi All,
>
> We are getting many of these errors:
>
> 2009/01/13 13:04:28 [error] 27100#0: *782718 open()
> "/home/spellcit/public_html/letters/.mp3" failed (2: No such file or
> directory), client: 204.38.160.220, server: www.spellingcity.com, request:
> "GET /letters/.mp3 HTTP/1.1", host: "www.spellingcity.com"
>  Essentially one of 2 things is happening:
>
> (1) One of our php or flash files is trying to access this invalid file
> "/letters/.mp3" or
> (2) A user is trying to access this directly (unlikely).
>
> The problem is that the log entry does not on the surface reveal enough
> information about where the request is coming from so we're having a tough
> time identifying the source of the request.  Is there a way (is it possible)
> to add more information to the log entry to better identify the source of
> the request (swf, php, html, direct, etc.).
>
> Thanks
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090113/c6f3a04a/attachment.html>


More information about the nginx mailing list