mglenn310 Posted October 23, 2011 Share Posted October 23, 2011 This IP [ xxx.xx.xxx.xxx ] has been htaccess banned on the http://mysite.com website by osC_Sec.php version 4.0[r8] REASON FOR BAN: getShield() listed item request_uri is banned: php/login. Time of ban: Sat, 22 Oct 2011 15:05:11 .------------[ ALL $_GET VARIABLES ]------------- # # - cPath=51/admin/categories.php/login.php # `-------------------------------------------------------- .---------[ ALL $_POST FORM VARIABLES ]------- # # - No POST form data # `-------------------------------------------------------- .------------[ $_SERVER VARIABLES ]-------------- # # - TMPDIR = /home/content/83/8377683/tmp # - PHPRC = /var/chroot/home/content/83/8377683/html # - TEMP = /home/content/83/8377683/tmp # - PHP_FCGI_CHILDREN = NULL # - PATH = /sbin:/usr/sbin:/bin:/usr/bin # - PWD = /web/cgi-bin # - SHLVL = NULL # - RAILS_ENV = production # - SPI = TRUE # - TMP = /home/content/83/8377683/tmp # - PHP_FCGI_MAX_REQUESTS = 100000 # - FCGI_ROLE = RESPONDER # - SCRIPT_URL = /catalog/index.php # - SCRIPT_URI = http://mysite.com/catalog/index.php # - HTTP_CONNECTION = close # - HTTP_HOST = mysite.com # - HTTP_USER_AGENT = libwww-perl/6.02 # - SERVER_SIGNATURE = <address>Apache Server at mysite.com Port 80</address> # - SERVER_SOFTWARE = Apache # - SERVER_NAME = mysite.com # - SERVER_ADDR = # - SERVER_PORT = 80 # - REMOTE_ADDR = # - DOCUMENT_ROOT = /var/chroot/home/content/83/8377683/html # - SERVER_ADMIN = [email protected] # - SCRIPT_FILENAME = /var/chroot/home/content/83/8377683/html/catalog/index.php # - REMOTE_PORT = 44742 # - GATEWAY_INTERFACE = CGI/1.1 # - SERVER_PROTOCOL = HTTP/1.1 # - REQUEST_METHOD = GET # - QUERY_STRING = cPath=51/admin/categories.php/login.php # - REQUEST_URI = /catalog/index.php?cPath=51/admin/categories.php/login.php # - SCRIPT_NAME = /catalog/index.php # - PHP_SELF = /catalog/index.php # - REQUEST_TIME = 1319321111 # - 0 = cPath=51/admin/categories.php/login.php # - argc = 1 # - $PHP_SELF filename ( osC_Sec ) = index.php # `-------------------------------------------------------- OTHER INFO $oscsec_threshold=1 /home/content/83/8377683/html/catalog/.htaccess is htaccess writeable = 1 Link to comment Share on other sites More sharing options...
Taipo Posted October 23, 2011 Share Posted October 23, 2011 Yes, that is the message that osC_Sec spits out if you have set it to do so. Just a quick note, the latest version is 4.1 released a day or so ago and has some significant additions to it in terms of protecting the database from malicious attacks via 3rd party addons. - Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)- Another discussion about infected files ::here::- A discussion on file permissions ::here::- Site hacked? Should you upgrade or not, some thoughts ::here::- Fix the admin login bypass exploit here- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.