Tons of errors in my error logs on my new 7.0.7 upgrade...

Store UI, layout, design, look and feel; Discussion on the customer facing pages of your online store. Cascading Style Sheets, Themes, Scriptlets, NVelocity and the components in the ConLib directory.
Post Reply
crazyjoe
Commander (CMDR)
Commander (CMDR)
Posts: 172
Joined: Mon Apr 26, 2010 2:20 pm

Tons of errors in my error logs on my new 7.0.7 upgrade...

Post by crazyjoe » Tue Sep 06, 2011 9:39 am

I am getting hundreds of errors a day on my site after I upgraded to 7.0.7. It seems like maybe it's from a bot or maybe my McAfee PCI scans? The error logs look like this...

9/6/2011 9:47:23 AM Error An error has occured at http://www.hotleathers.com/Men39s-Padde ... spx.config Path '/Men39s-Padded-Jacket-with-Orange-Piping-P6744.aspx.config' is forbidden.
9/6/2011 9:47:23 AM Error An error has occured at http://www.hotleathers.com/Men39s-Padde ... 744.config Path '/Men39s-Padded-Jacket-with-Orange-Piping-P6744.config' is forbidden.
9/6/2011 9:47:31 AM Error An error has occured at http://www.hotleathers.com/Men39s-Padde ... .aspx.java Path '/Men39s-Padded-Jacket-with-Orange-Piping-P6744.aspx.java' is forbidden.
9/6/2011 9:47:31 AM Error An error has occured at http://www.hotleathers.com/Men39s-Padde ... P6744.java Path '/Men39s-Padded-Jacket-with-Orange-Piping-P6744.java' is forbidden.
9/6/2011 9:47:49 AM Error An error has occured at http://www.hotleathers.com/Men39s-Padde ... 44.aspx.vb Path '/Men39s-Padded-Jacket-with-Orange-Piping-P6744.aspx.vb' is forbidden.
9/6/2011 9:47:49 AM Error An error has occured at http://www.hotleathers.com/Men39s-Padde ... g-P6744.vb Path '/Men39s-Padded-Jacket-with-Orange-Piping-P6744.vb' is forbidden.
9/6/2011 9:47:49 AM Error An error has occured at http://www.hotleathers.com/Men39s-Padde ... spx.vbproj Path '/Men39s-Padded-Jacket-with-Orange-Piping-P6744.aspx.vbproj' is forbidden.
9/6/2011 9:47:50 AM Error An error has occured at http://www.hotleathers.com/Men39s-Padde ... 744.vbproj Path '/Men39s-Padded-Jacket-with-Orange-Piping-P6744.vbproj' is forbidden.

Something is adding weird endings to my URL's and it's causing an error to show in my logs. Anybody gotten errors like this?
Crazy Joe Sadloski
Webmaster
Hot Leathers Inc.
http://www.hotleathers.com

WebDev7
Lieutenant, Jr. Grade (LT JG)
Lieutenant, Jr. Grade (LT JG)
Posts: 49
Joined: Thu Oct 14, 2010 7:25 am

Re: Tons of errors in my error logs on my new 7.0.7 upgrade...

Post by WebDev7 » Tue Sep 06, 2011 9:28 pm

Hello,

It looks like its reading a VIsualStudio VisualBasic Project File and VisualBasic Classes in the last couple of lines. Did you use Visual Studio with your upgrade?

crazyjoe
Commander (CMDR)
Commander (CMDR)
Posts: 172
Joined: Mon Apr 26, 2010 2:20 pm

Re: Tons of errors in my error logs on my new 7.0.7 upgrade...

Post by crazyjoe » Wed Sep 07, 2011 7:45 am

I've never used Visual Studio, or VB, I'm on a mac. Not sure if its even possible to do on a mac. Do you think this is because of something on my server that I should show my host company?
Crazy Joe Sadloski
Webmaster
Hot Leathers Inc.
http://www.hotleathers.com

crazyjoe
Commander (CMDR)
Commander (CMDR)
Posts: 172
Joined: Mon Apr 26, 2010 2:20 pm

Re: Tons of errors in my error logs on my new 7.0.7 upgrade...

Post by crazyjoe » Thu Sep 08, 2011 9:32 am

Is it possible this is a bug that is due to a missing HttpHandler in the web.config. I know I dropped some lines from that part of my web.config file and I found this info through searching the web...

Forbidden Resources

To prevent protected resources and files from being downloaded over HTTP, map them to the ASP.NET HttpForbiddenHandler.
Map Protected Resources to HttpForbiddenHandler

HTTP handlers are located in Machine.config beneath the <httpHandlers> element. HTTP handlers are responsible for processing Web requests for specific file extensions. Remoting should not be enabled on front-end Web servers; enable Remoting only on middle-tier application servers that are isolated from the Internet.

The following file extensions are mapped in Machine.config to HTTP handlers:
.aspx is used for ASP.NET pages.
.rem and .soap are used for Remoting.
.asmx is used for Web Services.
.asax, .ascx, .config, .cs, .csproj, .vb, .vbproj, .webinfo, .asp, .licx, .resx, and .resources are protected resources and are mapped to System.Web.HttpForbiddenHandler.

For .NET Framework resources, if you do not use a file extension, then map the extension to System.Web.HttpForbiddenHandler in the configuration file, as shown in the following example:

Note If you are running .NET 2.0, the <httpHandlers> setting is in the machine-level Web.config file.

<add verb="*" path="*.vbproj" type="System.Web.HttpForbiddenHandler" />

In this case, the .vbproj file extension is mapped to System.Web.HttpForbiddenHandler. If a client requests a path that ends with .vbproj, then ASP.NET returns a message that states "This type of page is not served."

The following guidelines apply to handling .NET Framework file extensions:

Map extensions you do not use to HttpForbiddenHandler. If you do not serve ASP.NET pages, then map .aspx to HttpForbiddenHandler. If you do not use Web Services, then map .asmx to HttpForbiddenHandler.
Disable Remoting on Internet-facing Web servers. Map remoting extensions (.soap and .rem) on Internet-facing Web servers to HttpForbiddenHandler.

Has anyone seen anything like this?
Crazy Joe Sadloski
Webmaster
Hot Leathers Inc.
http://www.hotleathers.com

User avatar
jmestep
AbleCommerce Angel
Posts: 8164
Joined: Sun Feb 29, 2004 8:04 pm
Location: Dayton, OH
Contact:

Re: Tons of errors in my error logs on my new 7.0.7 upgrade...

Post by jmestep » Fri Sep 09, 2011 7:18 am

Do you have McAfee scanning the site? Sometimes those services try to access weird urls to verify that they aren't a security breach.
Judy Estep
Web Developer
jestep@web2market.com
http://www.web2market.com
708-653-3100 x209
New search report plugin for business intelligence:
http://www.web2market.com/Search-Report ... -P154.aspx

crazyjoe
Commander (CMDR)
Commander (CMDR)
Posts: 172
Joined: Mon Apr 26, 2010 2:20 pm

Re: Tons of errors in my error logs on my new 7.0.7 upgrade...

Post by crazyjoe » Tue Sep 13, 2011 7:05 am

Do you have McAfee scanning the site? Sometimes those services try to access weird urls to verify that they aren't a security breach.
Yep, that was it! I paused my McAfee scan and got no errors. Thanks Judy
Crazy Joe Sadloski
Webmaster
Hot Leathers Inc.
http://www.hotleathers.com

Post Reply