Hi.

Jean Christophe ANDRÃ0/00 wrote:
Are you using the VirtualHost capability on this server?

Yes.

If so, you should be aware of using some _default_:* entry to catch
all access not using (or using a bad) hostname for VirtualHost.

I just tried to forge a http request targetting at a non-specified domain name that resolved to the correct ip. The result was that the root directory's index.html was shown. So I think this is not the problem.

But I'm curious how they found out about it... any ideas?
Did you take a look at the Referer of those access?
It might help you to track it down...

Had this idea, yes. But they all have no referrer when accessing this file.

Bye, Mike

Reply via email to