Website errors - what are these files?

[metroplex]

Now that I registered my own domain name and found a webhosting service, I got my site up and running but found some peculiar errors:

I found over 60 errors where ppl attempted to access these files/directories:

/_vti_bin/shtml.exe/_vti_rpc

/_vti_inf.html

/robots.txt

/animate.js

I only get about 100 hits (on average) a day and so far these (each) have about 60 hits.

I found 99 hits for favicon.ico and found that it was just used for bookmarks where you have a custom icon for your site that shows up in ppl's IE favorites bookmarks.

But what are these other things? I never had them on my site before so I don't know why ppl would try to access them.

 

[dighn]

_vti looks like something that would be created by front page

 

[notfred]

robots.txt is a file that can be used to specify which pages on your site automated serach-engine robots shouldn't use when creating search engine indexes.

The /vti_ things are frontpage configuration info.

Don't know about animate.js

 

[RossMAN]

Who is your webhost and what control panel (cPanel, Ensim, Plesk, Ikonware, H Sphere) are they using?

 

[metroplex]

Hey Rossman!

I'm using 8-95 and its the ensim control panel.

 

[RossMAN]

Originally posted by: metroplex
Hey Rossman!

I'm using 8-95 and its the ensim control panel.

I would post your question in their forums then.

 

[metroplex]

well I was asking because this isn't related to 8-95 or the ensim control panel, these are errors generated from ppl that have visited my site (logged in the admin control panel).

I.e.

You go to my site and attempt to visit \pamela_anderson\ and there'd be a 404.

This gets logged in the report and I see 1 account of someone trying to visit \pamela_anderson

I don't see how ensim or 8-95 would be directly related to this.

 

[jjones]

The robots.txt file is being accessed by search engine spiders. Don't worry about it if you don't have this file. The vti's are frontpage. The js is a file for some javascript you're using.

Most likely, you've got some issues with the coding in your site. What's the domain and what did you use to design the site?

 

[metroplex]

I'm not using any javascript at all and I used Dreamweaver 4 to design the site pages.

 

[jjones]

Yeah, but you might have something in there that you put in with Dreamweaver accidentally or thought you removed.

 

[metroplex]

Alright thanks! I'll check out the code right away.

 

[yllus]

Originally posted by: jjones
The robots.txt file is being accessed by search engine spiders. Don't worry about it if you don't have this file. The vti's are frontpage. The js is a file for some javascript you're using.

Most likely, you've got some issues with the coding in your site. What's the domain and what did you use to design the site?

Half right, I believe. robots.txt is indeed read by most quality search engines out there; for example, read this page to see how Google handles robots.txt. Quick fix for this, though: "If you just want to prevent the "file not found" error messages in your webserver log, create an empty file named robots.txt."

Accesses to /_vti_whatever are likely to be hacked/virused computers instructed by their masters to scan the web for sites to hack using FrontPage extensions. Theoretically, tracing and notifying the owners of said computers to tell them their computers are being used for nefarious purposes would be best. Realistically, ignore them and move on.

/animate.js is a new one. Something on your server might be broken? .js is a JavaScript file.

 

[Andrew111]

Originally posted by: metroplex
/_vti_bin/shtml.exe/_vti_rpc

/_vti_inf.html

I started a post earlier asking about those files....I know they are used By FrontPage....but I wasn't able to get an answer on whether there is a legitimate reason those files would show up in the logs. Here's a link to a site talking about those files:

http://www.insecure.org/sploits/Microsoft.frontpage.insecurities.html

 

[TommyVercetti]

I have seen similar errors, but never bothered looking into them. Not only that, but I have seen people searching for image directories like "www.domain.com/pictures". What's up with that? Directory surfing?

 

[RossMAN]

Originally posted by: TommyVercetti
I have seen similar errors, but never bothered looking into them. Not only that, but I have seen people searching for image directories like "www.domain.com/pictures". What's up with that? Directory surfing?

I hate allowing people to directory surf on my domains so I turn off directory listings by adding 1 line of code to the .htaccess file

http://www.hostingmyway.com <--- Directory listings turned OFF

http://www.bofadeals.com <--- Directory listings turned ON

 

[metroplex]

Ok update:

I noticed the animate.js error occurs in the main root of my site and I know for a fact I did not use anything remotely resembling javascript for my main root page.

it has to be someone searching for this file specifically, not one of my websites or the HTML code looking for a javascript file.

 

[Andrew111]

There are lots of automated crawlers out there looking for security holes, email addresses to collect, etc. I get a lot of requests for form mail....it's possible for a remote user to use a website's form mail to send out spam....I don't understand why people use it when it's fairly simple to come up with your own form to send email using PHP...plus there are tons of website's online that will give you examples of how to do it. If there weren't so many incompetent people with web sites the internet would be a better place😀