0

We have a website hosted on a Windows Server 2008 R2 EC2 instance and have had this error regularly in our error logs: 

HttpException: The file '/SimpleAuthWebService/SimpleAuth.asmx' does not exist.

After some research I can see that in the IIS logs we are getting POST requests from about six different ip addresses to the above url:

2014-10-20 00:17:59 xx.x.xxx.xxx POST /SimpleAuthWebService/SimpleAuth.asmx - 80 - xx.xxx.xx.xxx Windows-Update-Agent 302 0 0 177

And after some more research the asmx file is apparently part of Windows Server Update Services (WSUS). Does this mean that some other machines assume this server is a WSUS server and are expecting updates from it? Should I just block these ip addresses or is there a bigger issue I'm overlooking?

Thanks!

Ben
  • 890
  • 4
  • 10

1 Answers1

1

Yes, this means that some computer has the URL of your server configured as its update source. You should track down those computers (if they're in your network) and reconfigure them to point at the correct service (or Windows Update itself) using Group Policy.

Ben H
  • 3,136
  • 3
  • 25
  • 34