i have the following show up in my http logs constantly:
Code:
75.189.254.23 - - [19/Feb/2014:22:09:42 -0500] "GET /wpad.dat HTTP/1.1" 404 206 "-" "Mozilla/5.0 (compatible; IE 11.0; Win32; Trident/7.0)"
this is on a shared web server.
here are my problems:
1) i have no idea what wpad.dat means ... i know it's a web proxy protocol but i have no idea what that really means
2) i do not know what website this is really originating from since this server has 30+ websites hosted on it
3) the web hosting environment is new to me and i'm really trying to understand it all
is there a short, precise, and to the point answer and solution for this?
this web server is constantly generating nagios alerts for load average being high and i'm trying to figure out the root cause.
i think it's really an accumulation of little things like this that is contributing to the overall problem. i recently installed an ossec agent on this server to help fend off all the brute force attacks it's been receiving ... i have all the ip addresses for failed ssh/ftp attempts locked out for 72 hours and that seems to have helped with our alerts but i really would like to figure this wpad.dat issue out.