Help: E-mail Flooding through 404 Error!

Kami

Hi,

This morning I woke up and had over 1397 Emails! Woah! I must be popular...

But out of the 1397, 1394 were 404 error emails. I have a script setup on my server that sends an email to me every time there is a 404 error. After some headpounding and a bit searching and ofcourse luck, I found the reason for all those mails was that someone had posted some links to the site on a forums with pictures(approx 40 links). Now that there was no actual content for the server forward (ie, links were to stuff that didnt exist), it did the 404 error and ran the script and sent me an email every time.

I had anticipated this before hand and had some basic flood protection using sessions. But since the links on the forums only refered to pictures and my server wasnt actually visited, the errors gathered... I have asked for the links to be removed but it can happen again...

So basically here is the problem, I need a way to protect my 404 error script so that it doesnt flood my inbox with hundereds of emails when someone posts bogus links somewhere.

Any help or suggestions would be appreciated.

Currently this is the part that sends the mail:

if ( $ReqURL!=$_SERVER['REDIRECT_URL'] || !session_is_registered("timer") || ($timer+30)<=time()) 
{
   $recordmail= "<P>(By the way, this 404 has been recorded so that we can fix it.) </P>";
   $timer=time();
   $today = date("Y-m-d");
   $hours=round((( $timer%604800)%86400)/3600);
   $minutes=round(((( $timer%604800)%86400)%3600)/60);
   $seconds=(((( $timer%604800)%86400)%3600)%60); 

   session_register("timer");
   $ReqURL=$_SERVER['REDIRECT_URL'];
   session_register("ReqURL");
   ob_start();
      print_r($_SERVER);
      $data = ob_get_contents();
   ob_end_clean();
   mail($_SERVER['SERVER_ADMIN'],'Page Not Found: '.$_SERVER['REDIRECT_URL'],"Error occured at: ".$today." ".$hours.":".$minutes.":".$seconds."\n".$_SERVER['REDIRECT_ERROR_NOTES']."\n".$data);
}

I know the code is not brilliant but it works 😛
or atleast it did until it started flooding...

The problem as I see it is the If statement

if ( $ReqURL!=$_SERVER['REDIRECT_URL'] || !session_is_registered("timer") || ($timer+30)<=time())

I need to change it so that it can stop those buggers who are linking to evil stuff... or not send me mail when that happens. Is it possible ?

Please help...

Thanks
Kami

Kami

Erm... its not meant to be that wide! 😕 😕
can someone tell me what I did wrong to edit the post to make it right?

rohithmr

HEy,
Ok this is my stab at the problem. First, in my opinion one doest need 404 emails generated for anything other than content, meanin the email shudd only b sent if the missing document is a .php, .php3, .phtml, .html or .htm etc. YOu can incoporate this change into ur script pretty easily, a simple extension check shudd do the trick.

Another method I can think of is storing the URL of the last missing document in a flat text file or MySql and only send the email if its a diff URL than the last time, thus preventing duplicate emails.

Holla bac if u need ne help incoporating ne of dese suggestions.

Kami

Ok this is my stab at the problem. First, in my opinion one doest need 404 emails generated for anything other than content, meanin the email shudd only b sent if the missing document is a .php, .php3, .phtml, .html or .htm etc. YOu can incoporate this change into ur script pretty easily, a simple extension check shudd do the trick.

I hadnt considered that option... I will give it a try, shouldnt be too hard to code, but I may need to give you a shout if I get stuck 🆒

Another method I can think of is storing the URL of the last missing document in a flat text file or MySql and only send the email if its a diff URL than the last time, thus preventing duplicate emails.

This wont fix my problem as the images have differnt file names, ie (pic1.jpg pic2.jpg) etc, storing the last name or even the last ten or two is not gurantee that it cant be abused.

Thanks for your quick reply.

I will attempt the restricing to content type to html etc files.

Cheers
Kami