Avec Posted April 2, 2008 Share Posted April 2, 2008 I happened to be looking at Supertracker and Who's Online. I refreshed and Who's increased by 83 from literally 1 minute to the next. All 83 new had the same IP. The odd thing is that listed there as the last URL were various entries similar to this 00:08:16 0 Guest 85.10.140.177 11:16:10 11:16:10 /-c-27.html?products_id=http%3A%2F%2Fwww.meexia.com%2Fblog%2Fwp-content%2Fthemes%2Fsquares%2Forelura%2Fwageno%2F&action=buy_now&sort=2a&osCsid=509485cc448831dadadb44ef5ffd3674 The all have weird urls embeaded. (www.meexia.com shown) It does not look like any of them have the same url. Many of them have country extension, including France, CH, UK. Any idea what this is all about? Link to comment Share on other sites More sharing options...
Azure Moon Posted April 2, 2008 Share Posted April 2, 2008 Hi Jeff, I'm getting the same thing with weird URL's listed in the who's online, just not as many as you and I'm hoping someone out there has the answer. What I get is about two or three times a day really weird things show up in my Who's Online under the Last URL section. Every time these appear, the beginning of the last url starts with index.php?cPath= and always ends with /images? or /images - but there's always something weird in between. For example: index.php?cPath=http://thepotparty.eclub.iv/images? Or index.php?cPath=http://luckygoldpot.chat.ru/images When I track the IP address they are from all over, but mainly Canada, Poland and the US. And the same weird last url is usually listed/online more than once at the same time. What is this and is there anyway to block them? Am I being hacked somehow? Any insight and/or suggestions will be greatly appreciated. Brightest Blessings, Dawn Owner, Azure Moon Jewelry And Gifts www.azuremoonjewelry.com Link to comment Share on other sites More sharing options...
arietis Posted April 2, 2008 Share Posted April 2, 2008 What is this and is there anyway to block them? Am I being hacked somehow? you might try the ban ip addresses contribution: http://addons.oscommerce.com/info/1561 this doesn't explain where these are coming from though. i think i've seen another contribution for a more advanced who's online feature that includes information about the user agent making the request. if you had that information you might be able to block these kinds of requests a little better. i don't think it's a security risk, but it is using up your bandwidth which is still undesirable. Link to comment Share on other sites More sharing options...
Azure Moon Posted April 2, 2008 Share Posted April 2, 2008 you might try the ban ip addresses contribution:http://addons.oscommerce.com/info/1561 this doesn't explain where these are coming from though. i think i've seen another contribution for a more advanced who's online feature that includes information about the user agent making the request. if you had that information you might be able to block these kinds of requests a little better. i don't think it's a security risk, but it is using up your bandwidth which is still undesirable. Hi Dave! Thank you for getting back to me and also for the contribution tip...I'll check it out :-) Brightest Blessings, Dawn Owner, Azure Moon Jewelry And Gifts www.azuremoonjewelry.com Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.