How often should we expect 400 Bad Request?

http apache-2.2 400 bad-request

Based on what you are seeing, if the same IPs logging the errors can later successfully access the site, then it is probably very safe to ignore the infrequent errors for the rational that you have presented.


Just to expand on MrTuttle's answer, the 400 errors I've investigated in the wild are typically someone trying (unsuccessfully) to exploit your webserver, typically because they haven't noticed that you're not running a vulnerable version, or they just don't care. A fair proportion of the 404 errors I get on my sites are in the same boat -- attempts to exploit vulnerable webapps I don't have installed (phpmyadmin, I'm glaring at you).


Kudos for actually reviewing your logs! I'd ignore the 400 errors. 99.999% of the time, they're client-side, and completely outside your purview; network flakeyness or a spyware-ridden browser, in my experience.

Related

What do I lose by running Exchange 2010 in a Windows 2003 Active Directory Domain?
How can I verify whether or not Windows Server 2008 R2 has SP1 installed?
Blackhole route private intranet traffic
Simple program or script to check load time of web page [closed]
How to prevent going to SWAP?
Windows 7 Command Line Prompt
Is the firewall on Windows Server 2008 R2 sufficient?
How to configure CentOS Iptables without getting locked out
iptables input, output, forward
Why does Sql server write 100's of files to System Volume Information (all with the same name)
Temporary FTP accounts?
Regex for sed to grab multiple lines or a better way?