This is a replacement of the class.404.php file and provides a lot more information to help backtrace problems, hacking attempts, etc…
Replace /includes/classes/class.404.php with:
<?php class ISC_404 { public function HandlePage() { GetLib("class.redirects"); // We're here because we can't find the requested URL // It may be a URL that has been set up as a redirect, so lets check that ISC_REDIRECTS::checkRedirect($_SERVER['REQUEST_URI']); //MOD Log variables submitted when 404 shown // Log the data submitted to see if we can track back the problem $debug_info = "URI: {$_SERVER['REQUEST_URI']} <br>"; if(count($_POST) > 0) { $debug_info .= 'POST:<br>'; foreach($_POST AS $k => $v) { $debug_info .= "$k :: $v <br>"; } } if(key_exists('HTTP_REFERER', $_SERVER)) { $debug_info .= '<br>REFERER: '.$_SERVER['HTTP_REFERER'].'<br>'; } if(count($_GET) > 0) { $debug_info .= '<br>GET:<br>'; foreach($_GET AS $k => $v) { if(is_array($v)) { foreach($v AS $k2 => $v2) { if(is_array($v2)) { $debug_info .= "$k2 is still a nested array"; } else { $debug_info .= "$k2 :: $v2 <br>"; } } } else { $debug_info .= "$k :: $v <br>"; } } } if(count($_POST) > 1 || count($_GET) > 1) { if(key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip = $_SERVER['REMOTE_ADDR']; } $GLOBALS['ISC_CLASS_LOG']->LogSystemNotice("php","IP: {$ip} - 404 error with following data submitted", $debug_info); } //MOD END // Send the 404 status headers header("HTTP/1.1 404 Not Found"); // Simply show the 404 page $GLOBALS['ISC_CLASS_TEMPLATE']->SetPageTitle(GetConfig('StoreName')." - ".GetLang('NotFound')); $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("404"); $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate(); } }
Alternative version to catch all 404 without $_POST and $_GET, only exclude when particular strings in URL
//MOD Log variables submitted when 404 shown $debug_info = "{$_SERVER['REQUEST_URI']} <br>"; if(count($_POST) > 0) { $debug_info .= 'POST:<br>'; foreach($_POST AS $k => $v) { $debug_info .= "$k :: $v <br>"; } } if(key_exists('HTTP_REFERER', $_SERVER)) { $debug_info .= '<br>REFERER: '.$_SERVER['HTTP_REFERER'].'<br>'; } if(count($_GET) > 0) { $debug_info .= '<br>GET:<br>'; foreach($_GET AS $k => $v) { if(is_array($v)) { foreach($v AS $k2 => $v2) { if(is_array($v2)) { $debug_info .= "$k2 is still a nested array"; }else{ $debug_info .= "$k2 :: $v2 <br>"; } } }else{ $debug_info .= "$k :: $v <br>"; } } } if(key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; }else{ $ip = $_SERVER['REMOTE_ADDR']; } if(preg_match('(.txt|.zip)', $_SERVER['REQUEST_URI']) === 0) { $GLOBALS['ISC_CLASS_LOG']->LogSystemNotice("php","IP: {$ip} - 404 Error", $debug_info); } //MOD END