This site combines information from two separate servers. The address pwall.net resolves to a server run by a hosting service — currently Gandi in Paris, France. That server holds most of the content for the website, but some of the bulkier files, for example full-size images, are stored on my home server in Sydney.

Both of these servers use HTTP software that I wrote using node.js, and both keep server logs. The logs record the date and time of the request, the URL, the IP address of the requesting machine, the “User-Agent” string of the software (e.g. the browser) that made the request and the URL of the page that linked to this request.

The main purpose of the logs is to monitor intrusion attempts. I want to see what forms of attack are being made on my website, and whether any of those attacks have any chance of success.

The secondary purpose is to see which parts of the site are the most popular, and that can lead to some surprising findings.

Shortly after I started using my home server to serve the images for this website I noticed a request to download this image:

I was a little mystified — the image had at one time been on the main page of the website, but by the time of this download it had been relegated to the Picture Archive pages. And the requesting IP address resolved to somewhere like Kansas. Why was someone in Kansas downloading this image?

After two or three more downloads of the same image, all to equally unexpected locations, I decided to investigate. On a hunch, I tried a Google image search for “geese flying”, and there was my image in the first page of search results (when I tried again recently it had disappeared from the results — fame is fleeting).

At the time I had no server logs to refer to, but now I can check the “Referer” (sic) header of the request to find where it came from, and if it came from a search, what the query string was.

That is the purpose of the logs — to find out where the vistors to the site (benign and otherwise) are coming from and why, and to help keep out the baddies and improve the experience for the friends or the merely curious.

This site does not use cookies. If you receive a request to store a cookie from one of my servers, the cookie is being generated by an intermediate proxy (for example, a caching system). As far as I am concerned, you may (and probably should) refuse the cookie. What that does to the proxy is anyone’s guess.

It is possible that I may use cookies in the future to store preferences, for example the preferred size for the return of images. If I do decide to do this, I will clearly state the purpose of the cookie before I send the cookie to the browser.

I will never make any part of this website dependent on the use of cookies — if I use them at all, there will always be a fallback mode of operation which does not require cookies.