19

I am using Elmah for logging in a ASP.NET MVC project and I am recieving lots of 404 errors for a path /prx2.php which in turn is passing a hash as a querystring param.

I assume this is a scanner trying to find vulnerabilities. Because I am not running PHP I am safe! However I would like to stop ELmah reporting this error.

Whats the best way to exclude these types of errors from being reporting without actually creating a /prx2.php page. I also would like to do this in a config file rather than doing it progmatically.

Any ideas?

Rippo
  • 22,117
  • 14
  • 78
  • 117

2 Answers2

18

Elmah supports error filtering - Error Filtering link

This should solve the issue for you. You can either define your filter through code - in the Global.asx file, or within the xml config for elmah itself

saret
  • 2,217
  • 13
  • 12
  • Trouble is its a all or nothing if I want to do this in a config file e.g. `` filters ALL 404 – Rippo Jan 15 '10 at 13:19
  • You can be more specific in the config files - see the Using JScript section of that link. This will show you how to be more specific and define complex conditions using javascript syntax such as using RegEx on the URL to matches specific paths – saret Jan 15 '10 at 13:28
  • 1
    +1 Thanks will have look, although this looks a little nasty! – Rippo Jan 15 '10 at 13:33
4

Step1: Configure config sections to include elmah errorFilter section:

<configSections>
  <sectionGroup name="elmah">
    <!-- ... -->  
    <!-- this is the important part -->
    <section name="errorFilter" requirePermission="false" 
      type="Elmah.ErrorFilterSectionHandler, Elmah"/>
  </sectionGroup>
</configSections>

Step2: Configure the filter itself in <elmah> section.

<elmah>
  <!-- ... -->
  <errorFilter>
    <test>
      <and>
        <equal binding="HttpStatusCode" value="404" type="Int32" />
        <!-- you may want to consider something more generic like pattern="/.+[.]php" -->
        <regex binding="Context.Request.Url" pattern="/prx2.php" />
      </and>
    </test>
  </errorFilter>
</elmah>

Step3: Include the Elmah.ErrorFilterModule inside your application modules

Modern (IIS7+) version of including http module:

<system.webServer>
  <modules runAllManagedModulesForAllRequests="true">
    <!-- ... -->
    <add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" 
      preCondition="managedHandler" />
  </modules>
</system.webServer>

Legacy (older IIS) version of including http module:

<system.web>
  <httpModules>
    <add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" />
  </httpModules>
</system.web>
Ondrej Svejdar
  • 21,349
  • 5
  • 54
  • 89
  • Haven't used this in a while but doesn't this filter out `ALL` 404's? I want just certain file types, see my comment above on accepted answer. This answer does not help tbh, sorry – Rippo Jan 19 '17 at 14:40
  • @Rippo - my bad - its just that this page comes up first for how to remove 404 from elmah logging and the link in accepted answer is dead. So I've summarized here what I've learned from google :) Anyway I've update my answer to match also "filter just specific path". – Ondrej Svejdar Jan 19 '17 at 15:04