surfdean

Apparently it's working fine "On a shared server, the server logs will reset on every week end. In other words, you can find the only the 300 error logs of the current week in cPanel. It is not the problem with the logs option in cPanel and it is showing the logs fine." So I need to check my logs before the week-end. Damn, shoulda been here yesterday dean

Hi Everyone, Under logs > error log where it should show me the las 300 error messages, the entire window is blank. This is even though I have 404 errors that I'd like to diagnose. Is it broken? Am I looking in the wrong place? thanks, dean

I'm trying it on my personal account for now-- although our main business acct is also getting spammed It works. Thanks for your encouragement. dean

Now that was fast I would rather bounce the email than just delete it. Can I do that? That way if I get legit mail, the person knows I'm bouncing email and will try another means to contact me, and won't just think I'm ignoring them heh. I never use those emoticons...

Is there a way to pause email accounts instead of deleting them? I want to stop spam coming to 1@**** without deleting all the other mail that I've already received. Or maybe if I do delete it and then re-create the same account name later the old mail will still be there? Or a way to just bounce mail from one account temporarily? Or a filter that goes to ":fail: no such address here"? thanks, dean

I just got this in the mail, and google only revealed one other forum talking about it... and their email came from GoDaddy.. I just wanted to make sure that you guys sent this and is not some phish... Thanks, dean The body of the email is: It's that time of year again. ICANN (the Internet Corporation for Assigned Names and Numbers) annually requires that all accredited registrars ask their domain administrators/registrants to review domain name contact data, and make any changes necessary to ensure accuracy. To review/update your contact data, simply: + Go to http://www.securepaynet.net/gdshop/rhp/def...imple&isc=ICANN + Click on the "ICANN" text link at the top left side of the page + You will be taken to a landing page and asked to enter your Domain Information key: domainkeyhere + Enter your key and click "Go." Next, simply review the contact information for each domain name. To make a correction, log in to "My Account" with your customer number or log in name and password. Click "Manage Domains" and then "Manage Contacts." If you find that your domain contact data is accurate, there's no need to take action. If, however, your domain contact information is inaccurate, you must correct it. (Under ICANN rules and the terms of your registration agreement, providing false contact information can be grounds for domain name cancellation.) To review the ICANN policy, visit: http://www.icann.org/registrars/wdrp.htm Should you have any questions, please email us at mailto:support@secureserver.net or call our customer support line at 480-624-2500. Thanks for your attention and thank you for being a TotalChoice Hosting customer. Sincerely, TotalChoice Hosting

Thanks Dick, I didn't realize how much "nicer" the stats are with Full List aloha, dean

Hi there, I'm trying to understand this second column of numbers that is *usually* the same as the first column. My parked domain shows up here as having a vast difference between the two, i.e. 3 139 or 14 814.. what do these numbers mean? just curious, dean

Raul and Bruce- Of course, since I posted the 404 hasn't come back, and I only made the change now. Time will tell though... Thanks for the tip, I'll post again if they come back. Cheers, dean

Hello there, I have some recurring 404's showing up in AWSTATS. The page is /js/awstats_more_tracker.js and the referrer is /js/awstats_misc_tracker.js or sometimes just my index I looked in the directory /js and there is no awstats_more_tracker.js I looked in the file awstats_misc_tracker.js and the only reference to awstats_more_tracker.js is in a commented (//) section. This was confusing because it seems as though the file should be named "more" not "misc". in the log: x.x.x.x - - [06/Oct/2005:15:42:11 -0400] "GET /js/awstats_more_tracker.js HTTP/1.1" 404 1941 "http://www.surfvenus.com/js/awstats_misc_tracker.js?SCREEN=1280x1024&CDI=32&JAVA=true&UC=UserCode1128627500486r564&SC=SessionCode1128627500486r564&SHK=N&FLA=Y&RP=Y&MOV=Y&WMA=Y&PDF=Y" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7" x.x.x.x - - [17/Oct/2005:21:56:20 -0400] "GET /js/awstats_more_tracker.js HTTP/1.1" 404 1941 "http://www.google.com/pagead/iclk?sa=l&ai=blahblahblah&num=5&adurl=http://VenusSurfAdventures.com" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" x.x.x.x - - [17/Oct/2005:21:56:21 -0400] "GET /js/awstats_more_tracker.js HTTP/1.1" 404 1941 "http://venussurfadventures.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" There are other similar entries. What is the difference between the "more" and the "misc" tracker scripts? Should I just have one of each? Or would having both cause havoc in my stats? any help appreciated. aloha, dean

I just drag the renammed (*.log) file into a firefox tab. It makes for a readable format and then you can use the handy ctrl+F to find certain strings. dean

A happy reminder to everyone... when you do software updates of any kind in Windows, restart your computer so that your changes take effect. It works fine now.

Hi everyone, Somehow I can't send email anymore today. Instead of remembering my smtp username and password, it asks me for the password. When I type it in and send, it asks for the password again. Is there something wrong with server85? I don't think anything changed on my end. I thought it was caused by my upgrade to 1.0.7 from 1.0, but when I restored my 1.0, the same thing happens. Any suggestions? TIA, dean

Rob: Okay, I downloaded the log, but via my ftp program. When I go through CPanel>Raw Access Logs, I only get one day. But since I have it now and know how, I won't bother with a ticket. Don: Whew. Glad That Dodo isn't such a dodo

Hi David, I hope that I don't have 78% of my traffic from bots... how depressing Aren't the bots tracked in the Robots/Spiders section? There it lists a couple hundred hits, as opposed to thousands of hits... Do that many people block referring pages? Is that a website level block or a browser setting? curiosity... dean

Is there a way to *not* have the script in the action tag? How else would you call the script? Pardon the naivete I guess I'll just hope the script is secure...it's dodosmail. dean Is there a way to *not* have the script in the action tag? How else would you call the script? Pardon the naivete I guess I'll just hope the script is secure...it's dodosmail. Re: andy I just tried to submit a ticket, but it says my email is invalid. I lost my old account, so I'm using the one with the domain I have here. What gives? dean

Hi everyone, On the Awstats page, under "Connect to site from" I have 78% of my traffic coming from "direct address / bookmarks", which is apparently untrackable. I know that there can't be that many people who have bookmarked my site and looking at it, nor do I think it is possible that all these people are typing my URL into their browser. Where else could this traffic be coming from or how else could it be generated? Thanks, dean

Hey all, I thought that at one time I was able to download the raw log for the current month, i.e. trying to download September's today, but I can only get one day at a time... Is there a way to get September's log? I'm trying to figure out some strange stats from the awstats page, i.e. 44 visits to a php script page that no one has any business browsing to, but that is used in a form for email. thoughts? TIA< dean

Hi Andy, Nice codework. I'm not well versed with php, but what I understand is that I need to save the code as security.php, create a database with your variables and add 1 line to each page (within the body?) I'm guessing you haven't updated the script much? To clarify about the relative links: can i use: ><a href="/">Home</a> instead of ><a href="index.htm">Home</a> I was trying to avoid using my 1K/sec connection to test it on a dummy page... Anyway, I tested it, and it works....but I don't think I'll use it because of the local testing SNAFU. Thanks, dean

Hey all, a few questions... In awstats I've noticed wget and curl visits to my site, and would like to prevent them from grabbing my site. I've seen an enourmous htaccess file via googling, but is that necessary? It was written to block *most* bots. I have directories with only images in them, and people are entering them into their browser. /mydomain/images/ and getting access to them. Can I stop this but still have access via links from internal pages somehow? I saw slightly similar posts in this forum, but nothing exactly like it. A modified index.htm? When I use relative links, can i link to / instead of /index.htm? TIA, dean

I believe someone did use the form via AOL, so that's that. I guess I underestimate the "smartness" of AOL's caching/proxies. It must pull the HEADs off of the forms whether used or not... but that makes sense. thanks annie, dean

Hi Annie- Thanks for the info. I feel a *little* safer. What I don't understand, though, is that they can't get to my thankyou.html page without running the dodosmail php script to send a form based email to me. i.e. After the message has been sent, the user is redirected to the thankyou.html page, and there is no other way to get there... Would AOL's users still grab the HEAD? dean

I was looking through my access logs today because my "thank you" page that comes up after someone sends me a message via a form showed a new hit in awstats, but I did not get the message. I have since tested the form, and it still works. I did find this in my raw access logs that contained thankyou.html 152.163.101.8 - - [11/Mar/2005:11:18:06 -0500] "GET / HTTP/1.0" 200 5535 "http://www.google.com/search?hl=en&ie=ISO-8859-1&q=venus+surf+adventures" "Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" 152.163.100.133 - - [11/Mar/2005:11:18:09 -0500] "GET /style.css HTTP/1.0" 200 1381 "http://surfvenus.com/"'>http://surfvenus.com/"'>http://surfvenus.com/" "Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" 152.163.100.133 - - [11/Mar/2005:11:18:10 -0500] "GET /custom.js HTTP/1.1" 200 7377 "http://surfvenus.com/" "Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" 152.163.100.137 - - [11/Mar/2005:11:18:13 -0500] "GET /js/awstats_misc_tracker.js HTTP/1.0" 404 1929 "http://surfvenus.com/" "Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" 152.163.101.9 - - [11/Mar/2005:11:18:19 -0500] "GET /packages.htm HTTP/1.0" 200 13535 "-" "Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" 152.163.100.202 - - [11/Mar/2005:11:18:21 -0500] "HEAD /thankyou.html HTTP/1.0" 200 0 "-" "-" 152.163.100.65 - - [11/Mar/2005:11:18:22 -0500] "GET /images/buynow.gif HTTP/1.0" 200 482 "http://www.surfvenus.com/packages.htm" "Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" Several things confuse me about this... 1 is that the addresses come from the same group of IP's, and their access times are within seconds of each other. 2 is that these are not all the normal listings for when a browser finds my site, i.e. the index.htm images and file do not appear. 3 is what does HEAD mean instead of GET? any ideas as to what this was? TIA, dean

I guess then my best protection is to just have low res (i.e. 72dpi) images on the site that are not very large... Ni modo, dean

It just keeps them from stealing your bandwidth, not the images themselves. <{POST_SNAPBACK}> OK. That's good. Thanks for all the help everyone! dean