Doug's musings
<< Telling time 2003 > October Travels, pt. 1 >>

Wednesday, 22 October 2003

Keeping localhost local ::

It’s easy in Mac OS X 10.3's Console to look at one’s local web server logs (/var/log/httpd/) and I found myself doing that this evening. Usually amidst my own tracks of messing around with my local copy of this site, there are just a few occasional, laughable attempts to probe my system for Windows web server exploits. But today I saw a steady stream of valid requests, eating bandwidth (and possibly opening a security hole since I muck around with CGI scripts):

68.144.228.138 - - [22/Oct/2003:08:24:30 -0700] "GET / HTTP/1.1" 200 4363
24.244.215.33 - - [22/Oct/2003:08:29:17 -0700] "GET / HTTP/1.1" 200 4363
218.124.88.121 - - [22/Oct/2003:08:30:01 -0700] "GET / HTTP/1.1" 200 4363
68.17.162.212 - - [22/Oct/2003:08:30:03 -0700] "GET / HTTP/1.1" 200 4363

... and about 50 more between then and when I turned off the computer and went to work. I wonder what the script kiddies are up to.

Mac OS’s firewall won’t permit firewalling port 80 (HTTP) when web sharing is on. But one can write Apache rules to keep parts of the rest of the world out (in this case, all of it):

BindAddress 127.0.0.1

The URL “http://localhost/” works in Safari, but not IE 5, where you have to enter “http://127.0.0.1/”. I’m reminded of my son recently mentioning a T-shirt, “There’s no place like 127.0.0.1”.

Wed, 22 Oct 2003, 23:30 PDT
[ Web-related software ]
<< Telling time 2003 > October Travels, pt. 1 >>