2

As part of filtering out potentially harmful traffic, I currently reject traffic where $_SERVER["HTTP_ACCEPT"] is empty.

I notice from my logs that a fair number of requests have been rejected due to the accept header being empty and some of them come from valid IP traffic when requesting favicon.ico.

I currently block these favicon.ico requests with a "403 Forbidden" (I know I should probably use 406 Not Acceptable).

I do have a favicon.ico on my site. I am aware that favicon.ico "not found" errors are not seen by the user. Is it the same for me blocking these pages or will they see the 403 Forbidden page?

I would like to test this myself, but I do not know how to generate a page request with empty headers. Perhaps if someone has a way to do this as well, it will help.

Thanks for your input.

mseifert
  • 459

2 Answers

1

Is it the same for me blocking these pages or will they see the 403 Forbidden page?

Blocked images, including the favicon, do not result in a 403 page being displayed. The image will simply not be displayed, in the same fashion as if it was not found.

Chris S
  • 78,455
1

That's pretty easy with telnet.

You could do something like this: open a command prompt (Execute cmd on Windows) and type these three lines:

telnet www.yoursite.com 80
GET /favicon.ico HTTP/1.1
host: www.yoursite.com
  • Type Enter twice for an output
  • Type Ctrl+C to return to command prompt

You will get a nice output with headers and html.


Tips for those of us who last used telnet a million years ago, or for newbies:

  • On Windows 7 you might have to first enable your telnet client or server, see here.

  • Then if you are only seeing Connecting To localhost... see this answer because telnet does not by default echo what you type.

SamK
  • 1,376
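
A scripted version of the telnet test above, as an added example that is not part of the original question or answers: it sends the same request over a plain socket with no Accept header and returns the status code the server answers with. `AcceptFilter` is a constructed local stand-in for the question's PHP check (403 when Accept is empty), used only so the example runs offline; the function names are assumptions of this example.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer


def build_request(host, path="/favicon.ico", accept=None):
    """Build a minimal HTTP/1.1 request; no Accept header unless one is given."""
    lines = [f"GET {path} HTTP/1.1", f"Host: {host}", "Connection: close"]
    if accept is not None:
        lines.append(f"Accept: {accept}")
    # The trailing blank line ends the headers (the second Enter in telnet).
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii")


def fetch_status(host, port=80, path="/favicon.ico", accept=None):
    """Send the request over a plain socket and return the response status code."""
    with socket.create_connection((host, port), timeout=5) as sock:
        sock.sendall(build_request(host, path, accept))
        status_line = sock.makefile("rb").readline().decode("ascii", "replace")
    return int(status_line.split()[1])  # e.g. "HTTP/1.0 403 Forbidden" -> 403


class AcceptFilter(BaseHTTPRequestHandler):
    """Constructed stand-in for the question's filter: 403 when Accept is empty."""

    def do_GET(self):
        self.send_response(200 if self.headers.get("Accept") else 403)
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, *args):  # keep the demo output quiet
        pass


def demo():
    """Query the local stand-in without and with Accept; return both statuses."""
    server = HTTPServer(("127.0.0.1", 0), AcceptFilter)  # port 0: any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        port = server.server_address[1]
        return (fetch_status("127.0.0.1", port),
                fetch_status("127.0.0.1", port, accept="image/*"))
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print(demo())
```

To test a real site, call `fetch_status("www.yoursite.com")` against a host you run; the stand-in server is not needed for that.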