ArtcoInc 379 Posted May 5 One of my shops has been getting MANY searches for the expressions "2022" and "2023" (without the quote signs), all from many different IP addresses. Is anyone aware of an exploit effort searching for these terms? Or, does anyone know why these searches are being made? TIA Malcolm Share this post Link to post Share on other sites
Hotclutch 191 Posted May 5 I have seen them recently on my site, don't know anything further about it. I use security pro to help with search exploits. Share this post Link to post Share on other sites
Jack_mcs 1,116 Posted May 6 6 hours ago, ArtcoInc said: MANY searches for the expressions "2022" and "2023" I have seen any like that. If the numbers are part of something else, it might be that they are looking for hacker scripts, which sometimes have the year in the name, or backups that sites do, like mysql_dump_2022.sql. If it is just the number, like ...com/index,php?2022 it is useless and not anything to worry about. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Need Help? See this thread and provide the information requested. How to Upgrade to the latest version Recommended SEO Addons Share this post Link to post Share on other sites
ArtcoInc 379 Posted May 6 @Jack_mcs Thank you. Here's a sample of the Who's Online page ... 00:02:520Guest207.46.13.21008:28:5508:28:55/catalog/advanced_search_result.php?search_in_description=1&keywords=2023 00:11:100Guest207.46.13.15508:20:3708:20:37/catalog/advanced_search_result.php?search_in_description=1&keywords=2022 00:24:420Guest207.46.13.15508:07:0508:20:34/catalog/advanced_search.php?search_in_description=1& 00:12:080Guest207.46.13.4508:19:3908:29:36/catalog/advanced_search_result.php?search_in_description=1&keywords=2022 00:00:500Guest40.77.167.7408:30:5708:30:57/catalog/advanced_search_result.php?search_in_description=1&keywords=2023 00:03:200Guest40.77.167.7408:28:2708:28:27/catalog/advanced_search_result.php?search_in_description=1&keywords=2023 Malcolm Share this post Link to post Share on other sites
Jack_mcs 1,116 Posted May 6 1 hour ago, ArtcoInc said: Here's a sample of the Who's Online page I don't remember if whos online shows the full parameter list. I seem to recall that it didn't in some cases. But if what you show is the full list then they are just normal searches for 2022 and 2023. It wouldn't gain a hacker anything to do such a search unless there was hacker code in the shop with those in it, which seems unlikely. Could it be that your product line would contain either of those and people are just searching for the latest version? Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Need Help? See this thread and provide the information requested. How to Upgrade to the latest version Recommended SEO Addons Share this post Link to post Share on other sites
ArtcoInc 379 Posted May 6 @Jack_mcs Thank you again. I can view the search history in this shop (I have an add-on installed), and I see that this all started around April 25. Since then, there have been over 400 searches for either 2022 or 2023. And other than the Date Available field, I don't think that there is anything in the part listing that refers to a date, or these numbers. Going through the Search Log, I see that the actual search is for "2022" or "2023" (without the quotes). In the log, I have history of longer, multi-word searches (including some obvious exploit attempts). So, yea. Thanks again! Malcolm Share this post Link to post Share on other sites
Hotclutch 191 Posted May 6 The IPs appear to be bingbot. 1 ArtcoInc reacted to this Share this post Link to post Share on other sites
