Forum Topic: widgets.js

Forum: .htaccess Forum : Security • Posted by Jeroen • Updated:

Hello,

Lately a get requests like this one:

domain.com/platform.twitter.com/widgets.js

I have tried to find out online if this is any good or bad, but couldn’t really find an answer. When I look up the IP at projecthoneypot, most of the time the IP addresses are of spam harvestors like

http://www.projecthoneypot.org/ip_190.34.88.134
http://www.projecthoneypot.org/ip_109.169.70.78

Is this something that should be blocked or do I need it for the twitter button on my website? It gives me only 404’s since it doesn’t lead to anything and I can’t figure out where this link is coming from.

Anyone some ideas or does anyone else also have these 404 errors or recognizes them?

Thanks

Jeroen

2 Replies to “widgets.js”

Posted by Jeff Starr

Requests like the one in your example are common (in my experience). I recommend searching your site files for any instances of “widgets.js” and then go from there. If the file doesn’t exist, returning a 404 is probably the easiest way to deal with it, but if the requests are exceedingly numerous you may want to block with 403 or similar.

Posted by Jeroen •

Thanks Jeff, I’ll go from there.