Thanks Kenneth, Another possibility, if you just want to stop logging the pests, is to put the following in the global section of your httpd.conf:
# Stop logging nimda requests, based on: #http://lists.netfilter.org/pipermail/netfilter/2001-October/026587.html # SetEnvIfNoCase Request_URI /cmd.exe|/root.exe|/default.ida nimda CustomLog /var/log/apache/access.log combined env=!nimda # comment out next line to NOT log nimda requests CustomLog /var/log/apache/nimda.log "%a %v %t %U" env=nimda # # suppress logging errors from serving 404s to the bastards: <IfModule mod_alias.c> RedirectMatch (.*)/root.exe http://not.nimda.friendly.invalid$1 RedirectMatch (.*)/cmd.exe http://not.nimda.friendly.invalid$1 RedirectMatch (.*)/default.ida http://not.nimda.friendly.invalid$1 </IfModule> I have a line in there to log nimda requests to a seperate file, comment it out if you don't want it. If you're maintaining seperate logs for multiple VirtualHosts, repeat the CustomLog directive(s) for each one (adjust your paths): <VirtualHost *> ServerName www.DOMAIN.TLD ServerAlias DOMAIN.TLD ServerAdmin [EMAIL PROTECTED] DocumentRoot /var/www/DOMAIN.TLD/htdocs UserDir disabled #keep nimda out of access.log CustomLog /var/www/DOMAIN.TLD/log/access.log combined env=!nimda CustomLog /var/www/DOMAIN.TLD/log/nimda.log "%a %v %t %U" env=nimda ErrorLog /var/www/DOMAIN.TLD/log/error.log </VirtualHost> I am going to do this today. Best Wishes! Mike Olds www.buddhadust.org -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
