I have website error messages emailed to me. I get a daily stream of about 2 to 10 errors that say "invalid web resource request" or "Invalid Script Resource Request". Many of these errors originate in the middle of the night when I highly doubt my users are online. I've not experienced any problem with my website that would indicate any programming errors, nor have any users complained about errors. I have Site Lock and it doesn't indicate any malware. I've seen comments elsewhere that point to a number of causes but attacks from some type of hackers seems one explanation. Any insight into this? Thanks
Thanks for taking an interest in this. There are two types: This: Message This is an invalid webresource request. StackTrace at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) Query String d=0fM3nqwkrjZMLPuYQlGXBQiTqPp4VNdXQGY8fXdt2FX4_xeA2jPnS4Eh1EEQmpiR5_D-9o6rSkJOFKWCdj0Wg4aSBphNCGZccPzWVOor4r81&t=635078704936682663 And this: Message This is an invalid script resource request. StackTrace at System.Web.Handlers.ScriptResourceHandler.Throw404() at System.Web.Handlers.ScriptResourceHandler.ProcessRequest(HttpContext context) at System.Web.Handlers.ScriptResourceHandler.System.Web.IHttpHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) Query String d=_d4FGWTyGX1qjAkCD3gJQf-z2n1XANknP0RS-suvEP0mV2dbrmrtq38wFFI5okKMiyWcJUl_ORoZ1fDttOIh4fOMQm0mNMR_MmR9vDgfHcL55I67HrX3HWawZt0uR46XWNk15w-5FpQ0afDEh3tp1Q2&t=ffffffffc9f82b39 As I mentioned, I've no indication these result from my users (Although, I suppose it's possible) nor do I find any issues with my site (again, I suppose it's possible there are some problems lurking in the background). As I look at these messages, I notice "completed Synchronously". I do have one page, where a user can make a comment, that is coded at the top of the .aspx page with: <%@PageAsync="true"Title........... and then in the VB code behind page: Imports System.Net.Mail Imports System.Threading And then in my routine for sending me a mail message when a use puts in a comment: mySmtpClient.SendAsync(mymessage, state) I did this because the user response after putting in a comment seemed to be slowed down by the routine for sending me an email. Although, honestly, it didn't seem to help a lot. Also, I've never seen a correlation between the comments I personally post and these error messages. Again, lots of these errors pop up at something 3:00 am - hard to believe my users are posting comments at that time. Actually, my site gets a very low volume of comments even in the summer when it's most used. Now, at this time of the year, there is very little traffic. However, if you think I should remove the async code, I will. Thanks.
I was able to find this web page article that might help you out here: http://forums.asp.net/t/1704762.aspx Sounds like just as you describe in your original post. " I've seen comments elsewhere that point to a number of causes but attacks from some type of hackers seems one explanation." I would suggest you enable your raw logs for your site account. Our knowledge base articles talks about how to do this here. Once you enable it please wait 48 hours and if you get one of these error messages again. Check the HTTP logs around the time a HTTP call was made to your comment section. This line in your HTTP log will provide you with the person's IP number. You can then use this IP number to block it using IIS Manager. Our knowledge base article here shows you how to connect to your site using IIS Manager. Once connected double click on "IP Address and Domain Restrictions" icon. Click on "Add Deny Entry". Enter the person IP number in the "Specific IP address:" field and click OK.
Thank you very much for the great info - I'll implement these steps and post back in a few days. Thanks again!
Just an FYI on progress: enabled raw logs and downloaded IIS Manager - all went smoothly. Now starting the 48 hour wait.