Menu
I am receiving the following error but can't seem to make sense out of it within the context that it's happening:
Message Path 'PROPFIND' is forbidden. StackTrace at System.Web.HttpMethodNotAllowedHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Google has turned up results that don't seem to have anything to do with my app (this is asp.net MVC on IIS6). The site is functioning fine, but I would like to try and catch and handle this error. Thanks.
803
Ok I think we found the answer, and evidently it's sort of obvious, but I'm not a systems guy so that's my excuse. ;) In using MVC with IIS 6 we have implemented Wildcard Mapping to get the nice extensionless URLs for the site. But the way I understand it, with the wilcard mapping enabled it just processes all the requests as though they were for ASP.net including these WebDAV verbs issued by the people blindly probing for vulnerabilities that 48klocs mentioned.
62
Is it a public web server? A quick Googling seems to indicate that there was a DOS attack involving PROPFIND and WebDAV. If it's public, you're picking up logs from spray-and-pray drive-by attackers. If it's internal, you've got a bigger head-scratcher.
38
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
