Hi, I’m new to running a website on a server. I have Nginx set up and was looking at the access.log file just to see what’s in it and the format of it. I can make sense of most of it but there are some lines, for example,
126.96.36.199 - - [16/Jan/2020:13:14:28 +0000] "GET http://wx.sina.com.cn/ HTTP/1.1" 200 612 "http://wx.sina.com.cn/" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"
Usually the request is just the root directory (the website). What I don’t understand is that there is a whole website being requested which I don’t understand how they would quite do that from my server. The other thing is it returns a 200 and is sending them, in this case, 612 bytes.
If anyone could perhaps help me figure out what’s going on I would really appreciate it!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Click below to sign up and get $200 of credit to try our products over 60 days!
This has actually happened to me in the past, I had a Droplet and I was seeing GET requests to a random domain name in my access logs. It turned out that the domain name was abandoned but it was still pointing to my Droplet’s IP address.
What I did was to create a server block and deny the access for this specific hostname, so it looked something like this:
That way if anyone tries to access that domain name pointed to my server, they would get a 403 Forbidden message.
On another note what I could also suggest is checking your Nginx config and making sure that you don’t actually have that domain name specified in there:
Hope that this helps. Regards, Bobby
Thank you so much! The grep command you gave me didn’t have any output, will try out denying access for certain domains!