Once I worked out how to ignore all the nimda and other MSFT exploit-related requests, I realized I also needed to ignore my own hits. I’m not that interested it seeing how often I post or read comments (could be depressing, actually).
So I set all my host IP addresses to ‘dontlog.’ And the nimda stuff stays the same. I suppose ignoring a range of addresses is better: I just haven’t done it yet.
SetEnvIf Remote_Addr “192\.168\.2\.1” dontlog
SetEnvIf Remote_Addr “192\.168\.2\.2” dontlog
SetEnvIf Remote_Addr “192\.168\.2\.3” dontlog
SetEnvIf Remote_Addr “192\.168\.2\.4” dontlog
SetEnvIf Remote_Addr “192\.168\.2\.5” dontlog
SetEnvIf Remote_Addr “192\.168\.2\.7” dontlog
SetEnvIf Remote_Addr “192\.168\.2\.10” dontlog
SetEnvIf Remote_Addr “127\.0\.0\.1” dontlog
RedirectMatch (.*)/(scripts|root.exe|cmd.exe|default.ida).* /goaway.html
SetEnvIf Request_URI “/(root.exe|cmd.exe|default.ida|goaway.html)” dontlog
CustomLog /usr/local/weblogs/httpd-access.log combined env=!dontlog