[ic] question regarding entry in usertrack log

John Young john_young at sonic.net
Fri Apr 30 01:07:26 EDT 2004

Sanjeev Topiwala wrote:

> I'm running catalog based on foundation on IC 5.0.1
> I found this entries into my usertrack logs today
> 20040429    nsession:qwest.net        67-42-47-214.phnx.qwest.net    
> 1083275126        ADDITEM=<item_code>&VIEWPAGE=ord/basket
> 20040429    nsession:qwest.net        67-42-47-214.phnx.qwest.net    
> 1083275127        VIEWPAGE=ord/basket
> ...
> ...
> ...
> 20040429    nsession:qwest.net        67-42-47-214.phnx.qwest.net    
> 1083275968        VIEWPAGE=ord/basket
> there are about 970 entries of the line above - the bot? trying to 
> access the ord/basket repetitively. Was this some kind of attack or some 
> error in my code which was making the bot request the same page 
> (ord/basket) for about 970 times ?
> I have this entry into my robots.txt file
> User-agent: *
> Disallow: /cgi-bin/catalog/search.html
> Disallow: /cgi-bin/catalog/ord/
> Any ideas/suggestions if I need to do anything ?

What a coincidence... I saw exactly the same behavior today, except
the visitor was from Europe instead of Qwest, and it did not do an
ADDITEM, only a couple of product views and then around 1700 basket
views (3 or 4 per second).  I'm guessing it's either a very poorly
written bot or browser add-on.

What was the corresponding User Agent string from your web server
access log?  Mine contained AskBar (the 'Ask' is what made it 'nsession').

Anyone know if AskBar can cause that behavior, or whether or not
AskBar in the UA should trigger no session, for that matter?

If it's a bot (most likely, unless it's some sort of really bad
pre-fetching mechanism on a really retarded brower), it's highly
unlikely that it will respect your robots.txt file (since that is
a voluntary adherence scheme).

John Young

More information about the interchange-users mailing list