google04e4e4725a3f563e.html

[Guest]

Refer to my old post regarding my site been hacked Click here to see my old post

 

Today I found another entry see below:

[Mon Oct 04 04:38:01 2010] [error] [client 66.249.66.202] File does not exist: /home/linweb03/s/shootingduck.com/user/htdocs/google04e4e4725a3f563e.html

 

IP address 66.249.66.202 is Google crawl bot accroding to Domain Tools

Google requested google04e4e4725a3f563e.html

 

in my old post, a hacking attact requested goog1e17d9b20b297ba.php

 

It seems to me that googxxxxxxxxxxxxxxxxx.html/.php are kinda targetted files.

 

Just wondering what exactly google04e4e4725a3f563e.html is for? and why google is requesting that file which brings up another question, that is google must also injecting files first so later on they come back to look for it, is google suppose to do that?

 

I have all spooks' suggested security patches installed, seems google tried to injecting file onto my server was not successful.

 

Im really not sure what I am looking for by posting this thread, however I am concerned about this type of files.

 

Any advice would be great.

 

Thanks

[germ]

g00gle DOES NOT UNDER ANY CIRCUMSTANCES "INJECT" FILES ON YOUR SITE.

 

PERIOD!!!

 

If it was looking for that file it probably was following a link to it from another location (internal or external).

[Robbogeordie]

Google was just checking your site to see if it serves a correct 404 error page response.

[Guest]

g00gle DOES NOT UNDER ANY CIRCUMSTANCES "INJECT" FILES ON YOUR SITE.

 

PERIOD!!!

 

If it was looking for that file it probably was following a link to it from another location (internal or external).

 

I had clean store instored and patched it str8 after installation. It shouldnt be a link from my store referred google to request that file.

 

 

Posted Today, 12:47 AM

Google was just checking your site to see if it serves a correct 404 error page response.

 

I have not seen any files thats been uploaded onto my hosting server that im not aware of. According to you, i do not need to worry at all...as my site seems secure so far?

 

 

THanks

[♥mdtaylorlrim]

Do you use Google Webmaster Tools? Did you complete the Site Verification process by putting an .html file provided by Google on your site?

 

If so the contents of the file will be something like "Google Site Verification: XXXXXXXXXXXXXXXXXXXX"

 

If you told Google to verify the site but did not put the file on your site then that is what Google is looking for...

 

Maybe someone is trying to hijack your site that way...

[Robbogeordie]

It actually looks like google is trying to verify site ownership with this url google04e4e4725a3f563e.html as the file they use for checking error responses usually has "noexist" in the url - I just checked through my logs.

If you have an account with google they'll have asked you to put this file there - if you havn't put it there and you find this file on the server then I would guess a hacker has put it there to pretend to google that they own your site.

[Robbogeordie]

See Mark's post above,sorry to repeat - didn't see it..

[Guest]

Do you use Google Webmaster Tools? Did you complete the Site Verification process by putting an .html file provided by Google on your site?

 

If so the contents of the file will be something like "Google Site Verification: XXXXXXXXXXXXXXXXXXXX"

 

If you told Google to verify the site but did not put the file on your site then that is what Google is looking for...

 

Maybe someone is trying to hijack your site that way...

 

 

HI mark,

 

Im using google webmaster tool. Yes I had gone through the verification step and after been verified ownership of the domain n site, I deleted the file lmao.

 

Is there any need to keep that file at all?

 

Thanks

[Guest]

Ok, I just went into google webmaster tool and notice my status became unverified. I have placed the file back into my site root and seems everything is fine now.

 

Thanks you guys.

:D

[obcbeatle]

As an aside...is it recommended to add tools like google webmaster tools, etc? I mean, I would like to add tools and other OSC contribs to monitor my site usage better (I do have some tools/logs thru cpanel that I currently use), but I have been a bit timid to add too many contribs, other than the security ones, since it seems like it just introduces potential problems or security breaches. For instance, I was going to post to another OSC forum about what I can do to market my site better. Most of what I've seen so far is that I can install some more contribs. But in doing so I think I could be introducing yet another potential security risk. Just wondering what the security experts on this forum have to say about this. And thanks in advance!

[♥mdtaylorlrim]

As an aside...is it recommended to add tools like google webmaster tools, etc?

Absolutely! They are the tools you need to target your marketing based on specific products in your store. You can see what people are searching for, their position in the page ranks, your sitemap indexing, and on and on....

 

I'm still evaluating Google analytics but I like it so far. The data returned is great but the performance hit is what I am more interested in.