How to deal with possible hacker?

[kamusicman]

When I check to see Who's Online in Admin, I sometimes get a result with the URL described as this:

 

/catalog/product_info.php?product_id=http://utenti.lycos.it

 

or

 

/catalog/product_info.php?product_id=http://wbryka.chat.ru

 

No product in my store has URL's for product id's. Is someone trying to redirect my customers to their website? If so, what can I do to prevent this really annoying and costly hack?

 

Thanks in advance.

[Jack_mcs]

Look in your control panel for an option to ban his IP and do so.

 

Jack

[Guest]

Look in your control panel for an option to ban his IP and do so.

 

Jack

Jack,

Is this really a hacking attempt? If so, how does it work? I have noticed similar URLs and banning the IP will be a never-ending task as they keep changing. I changed a few settings on my site and that seems to have stopped this but I would like to understand what it is they are trying to do.

[Jack_mcs]

Yes, unless the op means to have his product id set to the web site wbryka.chat.ru. It is not worth the effort to figure out what the hacker is trying to do. It is enough to know he is trying. Banning the IP is the only remedy though. And, you are correct, hackers will usually have more than one IP and will try again. You have to keep banning until they get tired and go away.

 

Jack

[Ken44]

Hi

 

I found this downloadable spam ban list

 

http://spencerp.net/id/53

 

Would it be a good idea to add it? And if so how would it be added?

 

Are there any better/other lists?

 

Thanks

 

Ken.