lextech Posted March 15, 2011

My site is getting TONS of admin requests from hosts that are inside the US, which I am guessing are proxy servers used by overseas hackers and hackbots. I have most of the security contributions so there is no admin directory under that name, but is there anything to be concerned about otherwise with SO MANY attempts at hacking my site?

Also, I installed IP_Trap and it works properly if you try /personal but it doesn't trap anything else. I want it to trap on /admin requests with so many issues I am having, but it just gives a normal 404 error. Is the robots file the ONLY file that I need to edit to make the admin directory catch?

Here are the attempts on my site just over the last few hours. None of them were trapped by IP_Trap, though I added /admin to my robots.txt file.

RC2.2a

Guest Posted March 15, 2011

Unfortunately, I have found NOTHING you can do about this. I have two clients' sites getting 3000-5000 a night just like that. I changed one site to IP trap them and had more than 3000 in about 10 hours. But, deleted the bans because the hackers are using insecure proxy sites and previously hacked servers to run the script to look for other vulnerable sites. If you use an IP trap, eventually you would block tens of thousands of potential customer IPs.

Edit: The only thing they will get is the satisfaction they are using bandwidth. Nothing more.

Chris

MrPhil Posted March 15, 2011

In your .htaccess, 301 redirect any reference to admin/xxxx to www.fbi.gov. :-) In another thread on this topic, I suggested downloading malware or kiddie porn to the hacker, but no one seemed to like that... :-(

lextech Posted March 15, 2011

^ LOL. Ok Chris, it's nice to know I'm not the only one seeing large numbers of these hits. As long as they can't get to me with the security add-ons I'm ok I guess. :) Though I still don't know why my IP trap isn't catching anything from /admin.

EDIT: I have actually used .htaccess to block anything not in the US or Canada, but they still keep coming.

RC2.2a

Guest Posted March 15, 2011

The IP trap in admin only works if they try to access /admin directly in the URL.

This (as an example)

/xxxx-i-10.html/admin/file_manager.php/login.php

is not the same as this

www.yourdomain.com/catalog/admin

So, the IP trap won't work. UNLESS you create a /admin/file_manager.php sub-directory and place the IP trap in that sub-directory.

Chris

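The path distinction in the post above, as an added example that is not part of the original thread: it sorts requests from access-log lines into those that land in the trap directory and those that only carry an `admin` segment somewhere else in the path, then counts them per client. The log lines are constructed, and the trap location `/catalog/admin` and the function names are assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, unquote

# Assumption: the trap script lives in this directory (hypothetical layout).
TRAP_DIR = "/catalog/admin"

# Constructed sample lines in Apache combined-log style (not from the thread).
SAMPLE_LOG = """\
192.0.2.10 - - [15/Mar/2011:02:11:07 -0500] "GET /catalog/admin HTTP/1.1" 403 210 "-" "-"
198.51.100.7 - - [15/Mar/2011:02:11:09 -0500] "GET /xxxx-i-10.html/admin/file_manager.php/login.php HTTP/1.1" 404 315 "-" "-"
198.51.100.7 - - [15/Mar/2011:02:11:10 -0500] "GET /xxxx-i-12.html/admin/file_manager.php/login.php HTTP/1.1" 404 315 "-" "-"
203.0.113.5 - - [15/Mar/2011:02:12:30 -0500] "GET /catalog/index.php?cPath=3 HTTP/1.1" 200 5120 "-" "-"
203.0.113.9 - - [15/Mar/2011:02:13:00 -0500] "GET /catalog/admin/login.php HTTP/1.1" 403 210 "-" "-"
"""

# client IP, method, request target, status code
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def classify(target):
    """Return 'trap', 'untrapped-probe' or 'other' for a request target."""
    path = unquote(urlsplit(target).path).lower()
    if path == TRAP_DIR or path.startswith(TRAP_DIR + "/"):
        return "trap"             # request lands in the trap directory
    segments = [s for s in path.split("/") if s]
    if "admin" in segments:
        return "untrapped-probe"  # 'admin' appears, but not at the trapped location
    return "other"

def summarize(log_text):
    """Count requests per (class, client IP) for the lines that parse."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ip, _method, target, _status = m.groups()
            counts[(classify(target), ip)] += 1
    return counts

if __name__ == "__main__":
    for (kind, ip), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{kind:16} {ip:15} {n}")
```
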
lextech Posted March 15, 2011

Good to know, thank you. I'm not sure if IP trap is even worth using at this point, given your example. Sounds like there are a lot more IPs flooding in than I have seconds in the day to battle them. Long as they can't get in I'll just let them hit it. :)

RC2.2a

This topic is now archived and is closed to further replies.