Jump to content

Hits To Fake Pages On Site


Recommended Posts

My site was recently hacked in a creloaded script directory, and my site was reprovisioned. Prior to that, and currently I see alot of hits in the error log on url's lite /mysite/some+term.php. All are different variants, and different ip's. I have seen an increase over the last 3 months. The hack was done in an images directory, and alot the urls point into other image directories.

Any ideas, or concerns for this issue, or is it common among most sites.

Link to post
Share on other sites

If I was into hacking peoples' sites, I'd probably have a script that goes around automatically looking for leftover or exposed install files, config files, or other admin files that I could mess around with. But I'm not.

 

I suppose you could block any suspect IPs, but like you said they're different so that could be time consuming. Off the bat you should make sure everything you have installed is secure and that they won't find anything useful.

 

I don't have stuff like that showing up in my logs, but then you've been hacked once already so you could just have enemies.

Link to post
Share on other sites

Tim has a good point. The install scripts all have well known names. It's very important any time we install a script that we follow the instructions carefully. One script I recently used said "When you finish, remove the install.php script or " you could get hacked.

 

Phishing for known filenames is not that uncommon.

Link to post
Share on other sites

Hello,

 

As timhodge says, such pokings are trying to find holes or unsecured areas.

 

One thing is to make sure all folders have index.html to stop people browsing them.

 

Are you using some form of a CMS or gallery script?

 

JimE

Link to post
Share on other sites

Unscruplous people will always try to find pages that don't exist. Fact of Internet life.

 

It's good that you don't have the install scripts laying around or they could wipe out your install.

Link to post
Share on other sites
I use a gallery script, and have directory indexing off. I don't have any remaining install scripts left. Just thought it a little odd to have all of these errors in the log.

And if you didn't have directory indexing off or you didn't remove the install scripts, you might be in trouble. They're just fishing. Be vigilant, but don't lose too much sleep over it.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...