The power of logs

7 September, 2006

One of the changes I made to my site recently, was to override the App Error Function to keep track of how things are going wrong. I did this by simply logging all the information available and redirecting the user to a safe page (the home page).

I've found this to be very useful in general, especially for debugging what was going wrong with multiple inter-plugin requestAction calls on the same page (2 pastes on the same blog didn't work without some tweaking, I might say something about that soon).

Since I put this in place, I've been pondering why there are entries in this custom error log for a file I know to have never existed or been linked to on my site. About once a day, my site is queried for the file:

/images/icon_info.gif

It wasn't until today, when I was sent yet another request to update my paypal information, that it dawned on me where these hits were coming from - they appear to be probing to see if an old version of the software OS Commerce is running on this site. How did I draw such a conclusion? Well, I googled a bit found some references and the link which I absolutely must click to hastily update my paypal account reads:

http://www.GdamnItIGotHackedAgain.com/images/www.paypal.com/webscr/update.do=profile/index.html

.. and was an OS commerce site.

I don't think this problem is the fault of OS Commerce (and the reason for writing isn't to point the finger!), or using OS software in general. Problems are usually found much quicker and resolved much faster if there is a significant user base. From this mildly-enlightening experience I do think that it makes sense to read your (error)logs, and make sure that you keep up-to-date with any security alerts for software that you use.

Now, all I need to do is fix the routes for those old URLs and that I forgot to take care of... that and save the world from Dorito poisoning by eating them all first myself :).