Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Does this look like an attempted security breach?


Tim Romero

Recommended Posts

Here is the info from my HTML log:

 

[Wed Jan 13 04:48:08 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/b2b

[Wed Jan 13 04:48:11 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/catalog/admin

[Wed Jan 13 04:48:11 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/ecommerce

[Wed Jan 13 04:48:14 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/negozio

[Wed Jan 13 04:48:18 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/shop

[Wed Jan 13 04:48:21 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/store

[Wed Jan 13 04:48:24 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/zen

[Wed Jan 13 04:48:24 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/zen-cart

[Wed Jan 13 04:48:27 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/zshop

 

If so, how can I block this guy from trying again?

Link to comment
Share on other sites

Here is the info from my HTML log:

 

[Wed Jan 13 04:48:08 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/b2b

[Wed Jan 13 04:48:11 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/catalog/admin

[Wed Jan 13 04:48:11 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/ecommerce

[Wed Jan 13 04:48:14 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/negozio

[Wed Jan 13 04:48:18 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/shop

[Wed Jan 13 04:48:21 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/store

[Wed Jan 13 04:48:24 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/zen

[Wed Jan 13 04:48:24 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/zen-cart

[Wed Jan 13 04:48:27 2010][error] [client 74.86.166.194] File does not exist: /data/22/1/17/20/1995183/user/2181650/htdocs/zshop

 

If so, how can I block this guy from trying again?

 

He is trying to find hacks and your admin folder name .. to ban him is irrelevant as it will be just another dynamic IP .. if you have the ability to ban the IP just for today then do it but apart from that it's useless.

 

More importantly look at what he is trying to access and think to yourself .. did he find my admin directory (or other) is what he is trying to access secure?

Link to comment
Share on other sites

He is trying to find hacks and your admin folder name .. to ban him is irrelevant as it will be just another dynamic IP .. if you have the ability to ban the IP just for today then do it but apart from that it's useless.

 

More importantly look at what he is trying to access and think to yourself .. did he find my admin directory (or other) is what he is trying to access secure?

 

 

Hi just a general question. If you secure your whole site using SSL, would that block hackers from attacking? and how would that affect customers. they would still be able to use www.yourdomain.com right?

 

Thanks

AE

Thank you in advance,

AE

Link to comment
Share on other sites

Hi just a general question. If you secure your whole site using SSL, would that block hackers from attacking? and how would that affect customers. they would still be able to use www.yourdomain.com right?

 

Thanks

AE

No. The only thing SSL does is prevent a third party from intercepting data from the user to the host and back. You need to follow all the security recommendations in this forum to properly secure all the various attack methods. Network sniffers are only one of the methods.

Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...