Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Should I be concerned about these log entries?


pcsohio

Recommended Posts

I keep seeing the same IP Addresses in my logs even though their respective ranges are in .htaccess

Google shows the addys associated with script attacks.

I'm running v2.3.1

 

Assuming I need to, how do I block them?

 

80.81.183.2 /catalog/admin/banner_manager.php/login.php libwww-perl/5.805

80.81.183.2 /admin/banner_manager.php/login.php libwww-perl/5.805

80.81.183.2 /catalog/conditions.php/admin/banner_manager.php/login.php libwww-perl/5.805

80.81.183.2 /catalog/admin/categories.php/login.php 7/18/11 12:49 PM libwww-perl/5.805

80.81.183.2 /admin/categories.php/login.php 7/18/11 12:49 PM libwww-perl/5.805

80.81.183.2 /catalog/conditions.php/admin/categories.php/login.php libwww-perl/5.805

80.81.183.2 /catalog/admin/file_manager.php/login.php libwww-perl/5.805

80.81.183.2 /admin/file_manager.php/login.php libwww-perl/5.805

80.81.183.2 /catalog/conditions.php/admin/file_manager.php/login.php libww

 

91.121.176.121 /catalog/admin/banner_manager.php/login.php libwww-perl/5.813

91.121.176.121 /admin/banner_manager.php/login.php libwww-perl/5.813

91.121.176.121 /catalog/conditions.php/admin/banner_manager.php/login.php libwww-perl/5.813

91.121.176.121 /catalog/admin/file_manager.php/login.php 7/18/11 12:43 PM libwww-perl/5.813

91.121.176.121 /admin/file_manager.php/login.php 7/18/11 12:43 PM libwww-perl/5.813

91.121.176.121 /catalog/conditions.php/admin/file_manager.php/login.php libwww-perl/5.813

91.121.176.121 /catalog/admin/categories.php/login.php 7/18/11 12:43 PM libwww-perl/5.813

91.121.176.121 /admin/categories.php/login.php 7/18/11 12:43 PM libwww-perl/5.813

91.121.176.121 /catalog/conditions.php/admin/categories.php/login.php libww

OSC v2.3.1 Proud user since sometime last week.

Link to comment
Share on other sites

Denny,

 

 

If you are running v2.3.1, then you have no reason to be concerned. That is simply a script looking for vulnerabilities.

 

 

 

Chris

Link to comment
Share on other sites

If you add the following to your .htaccess file in the root of your store it will stop them even getting in

 

#Stop index.php?cPath=22/admin/categories.php/login.php?cPath=&action=new_product_preview etc

 

RewriteEngine on

RewriteCond %{REQUEST_URI} \.php/login\.php [OR]

RewriteCond %{QUERY_STRING} \.php/login\.php

RewriteRule .* - [F]

 

Martin

Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...