rocaholic Posted April 28, 2011 Share Posted April 28, 2011 So, I was browsing through my admin and looking at whos online and saw this weird IP address with the last URL visited file_manager.php. I removed that long time ago and changed my admin folder name as well. I immediately banned that IP address through cPanel. I do have the security pro, site monitor, ip trap, htaccess, cross site scripting addons installed. Although, I haven't updated them for 4 months. My question is, was this a hacker attempt? And if so, had I not been online, would he have gain access to my site? Link to comment Share on other sites More sharing options...
Xpajun Posted April 28, 2011 Share Posted April 28, 2011 Yes it was a hacker attempt - but - you have renamed admin and removed file_manager.php so had you not been on line access would not have been gained. I get a number of attempts per day trying to hack my store - most trying the .php/login.php approach - all are banned immediately using "Bad Behavior Block" (no honey pot required ;) ) My store is currently running Phoenix 1.0.3.0 I'm currently working on 1.0.7.2 and hope to get it live before 1.0.8.0 arrives (maybe 🙄 ) I used to have a list of add-ons here but I've found that with the ones that supporters of Phoenix get any other add-ons are not really neccessary Link to comment Share on other sites More sharing options...
rocaholic Posted April 28, 2011 Author Share Posted April 28, 2011 Yes it was a hacker attempt - but - you have renamed admin and removed file_manager.php so had you not been on line access would not have been gained. I get a number of attempts per day trying to hack my store - most trying the .php/login.php approach - all are banned immediately using "Bad Behavior Block" (no honey pot required ;) ) Thanks for your post! I just installed that addon after this. I tested and whenever I put file_manager.php/login.php, I didn't get banned. But if I put in just file_manager.php, I did get banned. Did you add an extra code?? Link to comment Share on other sites More sharing options...
Xpajun Posted April 29, 2011 Share Posted April 29, 2011 Thanks for your post! I just installed that addon after this. I tested and whenever I put file_manager.php/login.php, I didn't get banned. But if I put in just file_manager.php, I did get banned. Did you add an extra code?? Hi John, Yes extra code was added - it's posted here The post also explains a bit about .htaccess conditions and gives the reason why you got the above result add the new condition(s) after RewriteRule file_manager\.php$ bad_conduct/ban.php [NC,L] Julian My store is currently running Phoenix 1.0.3.0 I'm currently working on 1.0.7.2 and hope to get it live before 1.0.8.0 arrives (maybe 🙄 ) I used to have a list of add-ons here but I've found that with the ones that supporters of Phoenix get any other add-ons are not really neccessary Link to comment Share on other sites More sharing options...
rocaholic Posted April 29, 2011 Author Share Posted April 29, 2011 thanks!!!! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.