Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Possible Hacking Attempt?


Azure Moon

Recommended Posts

Posted

Hi Everyone!

 

The past week or so I've noticed some odd things when checking the latest visitors through my cPanel and I'm wondering if they are some kind of hacking attempt. I've looked up the IP addresses and they're from all over the world and I don't know if these type of things are normal, a weird spider, or a hacker.

 

Here's a short list of the things I've been seeing:

 

/nosuichfile.php

 

/noxdir/nosuichfile.php

 

/PMA/scripts/setup.php

 

/admin/mysql/scripts/setup.php

 

/admin/phymyadmin/scripts/setup.php

 

/db/scripts/setup.php

 

/dbadmin/scripts/setup.php

 

/admin/file_manager.php/login.php

 

/admin/file_manager.php/login/php?action=download&filename=/includes/configure.php

 

 

I'm hoping that someone out there can give me some insight as to what these are and if I should be blocking them. Any help and/or suggestions will be greatly appreciated.

 

Brightest Blessings,

 

Azure Moon

Posted

Dawn,

 

It looks like someone is testing the site to see if you have left any known vulnerabilities still open. The reason you are seeing this behavior from 'all over the world' is because they are using proxy servers to access your site and mask their own IP address. I would deny access to those IP addresses and perhaps install the IP trap contribution as well.

 

Also, MAKE sure your site is secure. !!!

 

 

Chris

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...