I'm starting a new project on Django 1.0/Pinax and I'm noticing that these silly IIS attacks that I used to see in my previous logs show up in a much more cluttered way through Apache(wsgi)/Django. Is there a best practices way to handle these types of attacks so that the attack is logged (or not) and it only takes up one line?
A couple of solutions I can think of is to use Nginx or something else as a proxy? Otherwise, is there a mod_security template that is available with Django-specific rulesets? Thanks, Adam [Mon Oct 20 19:45:23 2008] [error] [client 200.162.46.91] mod_wsgi (pid=30283): Exception occurred within WSGI script '/var/www/pinax/ projects/complete_project/deploy/pinax.wsgi'. [Mon Oct 20 19:45:23 2008] [error] [client 200.162.46.91] Traceback (most recent call last): [Mon Oct 20 19:45:23 2008] [error] [client 200.162.46.91] File "/usr/ lib/python2.5/site-packages/django/core/handlers/wsgi.py", line 239, in __call__ [Mon Oct 20 19:45:23 2008] [error] [client 200.162.46.91] response = self.get_response(request) [Mon Oct 20 19:45:23 2008] [error] [client 200.162.46.91] File "/usr/ lib/python2.5/site-packages/django/core/handlers/base.py", line 67, in get_response [Mon Oct 20 19:45:23 2008] [error] [client 200.162.46.91] response = middleware_method(request) [Mon Oct 20 19:45:23 2008] [error] [client 200.162.46.91] File "/usr/ lib/python2.5/site-packages/django/middleware/common.py", line 67, in process_request [Mon Oct 20 19:45:23 2008] [error] [client 200.162.46.91] "settings.") % (new_url[0], new_url[1]) [Mon Oct 20 19:45:23 2008] [error] [client 200.162.46.91] RuntimeError: You called this URL via POST, but the URL doesn't end in a slash and you have APPEND_SLASH set. Django can't redirect to the slash URL while maintaining POST data. Change your form to point to 75.101.151.190/_vti_bin/_vti_aut/author.dll/ (note the trailing slash), or set APPEND_SLASH=False in your Django settings. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
