The xmlrpc.php file of my WordPress blog recently got hit by a single bot some 5000 times over a half hour period recently. I temporarily disabled all visitors and then limited it to just blocking the specific IP via Apache conf (htaccess).
In my web development career, I have countless times needed to look at Apache logs to figure out or find out about problems with sites, monitor activity, or for various other purposes. I’ve used command line tools to help with this, often looking for strings and counting occurrences. Since I recently needed to create a command string to count unique IP’s connected to a given string in the logs, I thought I’d post about it and a few related useful commands.
Up way later than I wanted to be, fighting with Symfony’s framework bundle trapping PHP errors from getting to my Apache logs, and Apache’s ErrorLogFormat not being able to display REQUEST_URI. Gonna have to come back to these later.
Looking at a page discussing the code of the first web browser (WorldWideWeb), I noticed a line designating port 2784 as OLD_TCP_PORT. After looking into it a bit more, I determined that this was the port used for the web until port 80 was officially designated in January of 1992.