
It’s frightening – I’net apps as targets

Kelly7552 has some advice for WordPress Dreamhosters at the Dreamhost customer discussion forum that is well worth perusing, I think. He got into analyzing the error and access logs for his 6 WordPress installs, and what he reports is frightening.

Many of the trolls are not specific to WordPress, like trolls trying to access phpmyadmin, trying to access directories that were deleted 5 years ago, trolling for crossdomain.xml, looking for /cgi-bin/cvename, trying to go up the directory structure (/../../../), embedding HTTP in the PHP request, trying to encode PHP in the PHP request, trying to encode href, or weirdly trying to type +result:++ into the PHP request; a large number of trollers use the HTTP HEAD command to see what’s happening on your files; how about /.google-analytics/ga.js as a request? In a month, I think I’ve seen a lot of requests unrelated to people actually using the website.
… Repeatedly I’ve seen 1373 attempts in 30 seconds to crack wp-login …

Can you imagine the load this sort of activity places on the I’net and its servers? It is not that hard to write a program to go out and bang on one server application after another. It’s nearly risk free as well. It is also irresponsible and very, very sad that it has to be dealt with.
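The kind of log review described in the quoted post can be scripted. The following is an added example, not code from Kelly7552 or the original post: it tallies the probe families he lists and flags addresses that hammer wp-login.php. The combined log format, the regex patterns, the sample lines and the threshold of 5 POSTs in 30 seconds are all assumptions made for illustration.

```python
import re
from collections import Counter, deque
from datetime import datetime

# Constructed sample in combined log format; addresses are documentation ranges.
T = "01/Jan/2024:00:00"
SAMPLE_LOG = "\n".join([
    f'203.0.113.7 - - [{T}:01 +0000] "GET /phpmyadmin/index.php HTTP/1.1" 404 210',
    f'203.0.113.7 - - [{T}:02 +0000] "GET /../../../ HTTP/1.1" 400 210',
    f'203.0.113.7 - - [{T}:03 +0000] "GET /index.php?p=http://example.invalid/ HTTP/1.1" 404 210',
    f'198.51.100.9 - - [{T}:04 +0000] "GET /crossdomain.xml HTTP/1.1" 404 210',
    f'198.51.100.9 - - [{T}:05 +0000] "HEAD /wp-content/uploads/ HTTP/1.1" 200 0',
    f'198.51.100.9 - - [{T}:06 +0000] "GET /cgi-bin/cvename HTTP/1.1" 404 210',
    f'192.0.2.10 - - [{T}:07 +0000] "GET /2024/01/hello/ HTTP/1.1" 200 5120',
    f'192.0.2.10 - - [{T}:08 +0000] "POST /wp-login.php HTTP/1.1" 302 0',
] + [f'192.0.2.44 - - [{T}:{s} +0000] "POST /wp-login.php HTTP/1.1" 200 1500'
     for s in range(10, 16)])
LINE_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)')
# Probe families named in the quoted post; the patterns themselves are assumptions.
PROBES = [
    ("phpmyadmin", re.compile(r"phpmyadmin", re.I)),
    ("traversal", re.compile(r"\.\./|%2e%2e", re.I)),
    ("embedded-url", re.compile(r"[?&=]https?(:|%3a)//", re.I)),
    ("crossdomain", re.compile(r"^/crossdomain\.xml", re.I)),
    ("cgi-bin", re.compile(r"^/cgi-bin/", re.I)),
]

def classify(method, path):
    # First matching probe label, 'head' for HEAD requests, otherwise None.
    for label, rx in PROBES:
        if rx.search(path):
            return label
    return "head" if method == "HEAD" else None

def analyze(text, window=30, threshold=5):
    """Count probes by family; flag IPs with >= threshold wp-login POSTs in `window` seconds."""
    counts, recent, bursts = Counter(), {}, set()
    for m in filter(None, map(LINE_RE.match, text.splitlines())):
        label = classify(m["method"], m["path"])
        if label:
            counts[label] += 1
        if m["method"] == "POST" and m["path"].startswith("/wp-login.php"):
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            q = recent.setdefault(m["ip"], deque())
            q.append(ts)
            while (ts - q[0]).total_seconds() > window:  # drop attempts outside the window
                q.popleft()
            if len(q) >= threshold:
                bursts.add(m["ip"])
    return dict(counts), bursts
```

Calling `analyze(SAMPLE_LOG)` returns the per-family counts and the set of bursting addresses; lines must be in chronological order, as they are in a normal access log.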
