17

I have a load of entries in my web server error log from the same referer. See example below:

Cannot serve directory /home/*****/public_html/wp-admin/css/: No matching DirectoryIndex (index.php,index.php7,index.php5,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.jp,index.phtml,index.shtml,index.html,index.js) found, and server-generated directory index forbidden by Options directive, referer: binance.com

I have been getting this error from the same referer (binance.com) for weeks. I know this error is a result of my .htaccess and security settings forbidding indexing in that directory etc... However my question is will having this amount of attempts affect performance? Is the referer (binance.com) the origin of the attempt? If so, is it worth me somehow blocking this independently to tighten security? Or is it best left alone not really affecting anything?

Thanks

Matt
  • 413
  • 1
  • 5
  • 12
  • 1
    This error indicates that a given directory in your website does not have a index file. In most cases you can ignore this error it simply means that some one tried to access a directory that did not have a index file. For example some one visited `yourdomain.com/wp-admin/css/` this caused the log entry to appear. – Jasper B Aug 18 '21 at 12:02
  • 1
    I recommend you to also do a quick search on Stack overflow for `Cannot serve directory` as there are plenty solutions to this I will link one of them below – Jasper B Aug 18 '21 at 12:05
  • 1
    Does this answer your question? [Disable "Cannot serve directory" errors](https://stackoverflow.com/questions/41742669/disable-cannot-serve-directory-errors) – Jasper B Aug 18 '21 at 12:06
  • 2
    My question is "will having this amount of attempts affect performance? Is the referer (binance.com) the origin of the attempt? If so, is it worth me somehow blocking this independently to tighten security?" – Matt Aug 19 '21 at 21:05
  • I've seen these pop up in the 100s across 4 different WPe sites in the error logs as well. What I find is interesting is they are ONLY on a theme called "GEM - TheGem + Elementor" - what theme are you using? Only danger I see here is "loading up the log" (a non issue if you have a log limit file size set) but it does raise my eyebrow, its the kind of thing that seems like a shenanagan may be brewing. these either end in [nothing, mountain out of molehill] OR [whoops, we should have looked into that and taken it seriously] PS- its possible to fake the header, might NOT be binance.com sending – Christian Žagarskas Oct 13 '21 at 03:31
  • 1
    I voted to close this question because it is not a programming question and it is off-topic on Stack Overflow. Non-programming questions about your website should be asked on [webmasters.se]. Next time, just ask your question there instead of here. – Stephen Ostermiller Nov 14 '21 at 11:35

1 Answers1

21

I'm running a Wordpress site as well. Recently started seeing the same thing from this referer. The error indicates that binance.com has a page that is attempting to include a directory as though it was a file. Something like this:

<link rel="stylesheet" href="https://website.com/wp-admin/css/">

My guess is that this is actually some kind of security scan unrelated to binance.com that is just using their hostname to distract from the scan itself, or spam/scam to drive traffic to binance.com. It appears there has been a rise in these occurrences in the last week or so. I see others reporting the same thing online. The good news is that your Apache config is such that directory listing is disabled. Directory listing is evil ;)

Daniel Smith
  • 1,044
  • 10
  • 16
  • 2
    Thanks Dan great reply. I will ignore the errors. Not much cause for alarm then. As you say, I have my directory listings disabled. – Matt Aug 25 '21 at 19:17