[drupal-support] Problem (hacker attempt to access FrontPage
extensions--and then some)
Adam Gaffin
AGaffin at nww.com
Tue Aug 9 18:13:59 UTC 2005
> I've been seeing similar, although not to frontpage pages, I
> believe. Most
> are for search.jsp, with the full request being a URL for
> some other site
> that has nothing to do with me. I've been wondering if
> they're hacker
> attacks or if someone has his DNS misconfigured.
You might want to check your server logs to see if you're getting unusually
high numbers of requests for your site banner or some other graphic. For
awhile, I had some pay-per-click fraud scammer in China downloading my site
banner tens of thousands of times a day, along with seeming requests for
URLs nowhere on my site. If so, there's some code you can put in .htaccess
that will only allow graphics to be downloaded via URLs specifically on your
site (this will also block any forum "hotlinkers" you might have).
I also see regular requests for files such as proxy.cgi, which I assume is
from some script kiddie looking to play.
Adam Gaffin
Executive Editor, NetworkWorld.com
agaffin at nww.com / (508) 490-6433 / http://www.networkworld.com
"I programmed my robotic dog to bite the guy who delivers the electronic
mail." -- Kibo
More information about the drupal-support
mailing list