I’ve been using redirection to keep 404 error logs on my site for some time. Occasionally I let it get too big and clear it out. Today I checked on it after a few hours and found some interesting errors in a fairly short time frame.

First off, we have a bot that appears to originate from China. It seems to be scanning for random rar files such as 8.27.rar, 8.28.rar, and so on. I can only assume that its looking for a toolkit or bot package of some kind… possibly one that it can hack into and hijack for itself. Just speculation… I’m sure someone could tell me exactly what this is if they wanted…
chinacomm Interesting things you find in a 404 error log

Next we have a typical RFI scan bot digging around where it shouldn’t. This is likely the most common attack your server will experience. Cheap botherders looking for easy roots…
rfiscan Interesting things you find in a 404 error log

Another bot scanning for remote file inclusion vulnerabilities to exploit:
rfi2 Interesting things you find in a 404 error log

Here is an interesting “attack” looking for certain files used by Wordpress plugins. In this case, the person (a spammer) is looking for certain files used by CommentLuv, a plugin that allows for easy “dofollow” backlinks. There are a few bots and scripts out there that scrape search engine results looking for signs of these plugins, then the list is exported and another piece of code searches through the resulting urls to see if any of them actually have the code.
missingplugins2 Interesting things you find in a 404 error log
Here is another example of this type of activity from today:
missingplugins Interesting things you find in a 404 error log

Even less interesting is Bing bots constant bombardment of really ancient non existent files that have been on my site for MANY months. I don’t know where it got this list of my files to spider, but it really ought to find a better source. Even slow ass Yahoo slurp hasn’t touched these old files in forever…