Jump to content

Archived

This topic is now archived and is closed to further replies.

Azure Moon

Possible Hacking Attempt?

Recommended Posts

Hi Everyone!

 

The past week or so I've noticed some odd things when checking the latest visitors through my cPanel and I'm wondering if they are some kind of hacking attempt. I've looked up the IP addresses and they're from all over the world and I don't know if these type of things are normal, a weird spider, or a hacker.

 

Here's a short list of the things I've been seeing:

 

/nosuichfile.php

 

/noxdir/nosuichfile.php

 

/PMA/scripts/setup.php

 

/admin/mysql/scripts/setup.php

 

/admin/phymyadmin/scripts/setup.php

 

/db/scripts/setup.php

 

/dbadmin/scripts/setup.php

 

/admin/file_manager.php/login.php

 

/admin/file_manager.php/login/php?action=download&filename=/includes/configure.php

 

 

I'm hoping that someone out there can give me some insight as to what these are and if I should be blocking them. Any help and/or suggestions will be greatly appreciated.

 

Brightest Blessings,

 

Azure Moon

Share this post


Link to post
Share on other sites

Dawn,

 

It looks like someone is testing the site to see if you have left any known vulnerabilities still open. The reason you are seeing this behavior from 'all over the world' is because they are using proxy servers to access your site and mask their own IP address. I would deny access to those IP addresses and perhaps install the IP trap contribution as well.

 

Also, MAKE sure your site is secure. !!!

 

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

×