Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

What are these visiters up too- who's online


exupawi

Recommended Posts

When viewing who's online recently I have found some paths that don't make sense. I pasted some below. I have been banning their ip addresses and hosts and I see that many of the ips are DNSOBL blacklisted. What are they trying to do here? How are they finding my site and why now?

 

204.15.248.0 - 204.15.255.255 /osCommerce/catalog/index.php?cPath=21/admin/sqlpatch.php/password

208.116.36.60 osCommerce/catalog/product_info.php?cPath=94&a

75.125.37.122 07:36:38 07:36:38 /osCommerce/catalog/index.php?cPath=21/admin/categories.php/logi

66.249.67.75 09:05:06 09:05:06 /osCommerce/redirect.php?action=url&goto=27.00&osCsid=5a7e2bdc44

217.144.201.54 09:08:40 09:08:40 /osCommerce/catalog/index.php?cPath=21/admin/categories.php/logi

217.144.201.54 09:08:46 09:08:46 /osCommerce/catalog/index.php?cPath=70/admin/categories.php/logi

217.144.201.54 09:08:48 09:08:48 /osCommerce/catalog/index.php?cPath=70/admin/file_manager.php/lo

0:03:38 0 Guest 91.196.124.13 09:34:45 09:34:45 /osCommerce/catalog/index.php?cPath=21/admin/categories.php/logi

00:03:43 0 Guest 91.196.124.13 09:34:40 09:34:40 /osCommerce/catalog/index.php?cPath=21/admin/file_manager.php/lo

00:03:45 0 Guest 91.196.124.13 09:34:38 09:34:38 /osCommerce/catalog/index.php?cPath=21/admin/categories.php/logi

00:03:51 0 Guest 91.196.124.13 09:34:32 09:34:32 /osCommerce/catalog/index.php?cPath=21/admin/file_manager.php/lo

00:01:44 0 Guest 91.196.124.13 09:36:39 09:36:39 /osCommerce/catalog/index.php?cPath=70/admin/categories.php/logi

00:01:34 0 Guest 91.196.124.13 09:36:49 09:36:49 /osCommerce/catalog/index.php?cPath=22/admin/file_manager.php/lo

00:01:35 0 Guest 91.196.124.13 09:36:48 09:36:48 /osCommerce/catalog/index.php?cPath=22/admin/categories.php/logi

00:01:44 0 Guest 91.196.124.13 09:36:39 09:36:39 /osCommerce/catalog/index.php?cPath=70/admin/file_manager.php/lo

00:00:51 0 Guest 91.196.124.13 09:37:32 09:37:32 /osCommerce/catalog/index.php?cPath=41/admin/file_manager.php/lo

00:00:50 0 Guest 91.196.124.13 09:37:33 09:37:33 /osCommerce/catalog/index.php?cPath=41/admin/categories.php/logi

00:03:06 0 Guest 91.196.124.13 09:38:44 09:38:44 /osCommerce/catalog/index.php?cPath=60/admin/categories.php/logi

00:03:04 0 Guest 91.196.124.13 09:38:46 09:38:46 /osCommerce/catalog/index.php?cPath=41/admin/file_manager.php/lo

00:03:03 0 Guest 91.196.124.13 09:38:47 09:38:47 /osCommerce/catalog/index.php?cPath=93/admin/categories.php/logi

Link to comment
Share on other sites

Paul,

 

It is a script, looking for vulnerabilities in your website so the hacker can come back and hack the website.

 

 

 

Chris

Link to comment
Share on other sites

  • 3 months later...

You need to change your admin directory and then change the defines to point to the new one. Once they fire up file manager they can and do upload files to mail out spam. once you are clean install sitemonitor.

Link to comment
Share on other sites

Its a script that checks vulnerability.

 

Some scanning services check for vulnerability or some hackers trying to get if they can break thru.

 

Do the following:

1.Rename Admin.

2. .htaccess protect admin.

3. Delete file manager code.

4. Images folder and all other 777 folders to be htaccess protected.

 

Satish

Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site.

 

Check My About US For who am I and what My company does.

Link to comment
Share on other sites

<FilesMatch "\.(php([0-9]|s)?|s?p?html|cgi|pl|exe){:content:}quot;>

Order Deny,Allow

Deny from all

</FilesMatch>

 

should go into htaccess and these htaccess should be placed in images folder.

 

Satish

 

Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site.

 

Check My About US For who am I and what My company does.

Link to comment
Share on other sites

<FilesMatch "\.(php([0-9]|s)?|s?p?html|cgi|pl|exe){:content:}quot;>

Order Deny,Allow

Deny from all

</FilesMatch>

 

should go into htaccess and these htaccess should be placed in images folder.

 

Satish

Thanks! However, to clarify, do you mean a separate, unique htaccess file in addition to one in the root level should go into the images folder? What exactly is this command doing, and what is the logic behind putting it in the images folder?

Oscommerce site:

 

 

OSC to CSS, http://addons.oscommerce.com/info/7263 -Mail Manager, http://addons.oscommerce.com/info/8120

Link to comment
Share on other sites

This needs to go as a seperate htaccess file in images folder.

 

This will not allow any files with .php or .exe or .cgi t be executed.

 

Making your image folder more safe for your site.

 

Satish

Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site.

 

Check My About US For who am I and what My company does.

Link to comment
Share on other sites

This needs to go as a seperate htaccess file in images folder.

 

This will not allow any files with .php or .exe or .cgi t be executed.

 

Making your image folder more safe for your site.

 

Satish

That makes total sense. Thanks for explaining it.

Oscommerce site:

 

 

OSC to CSS, http://addons.oscommerce.com/info/7263 -Mail Manager, http://addons.oscommerce.com/info/8120

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...