NYCPHP Meetup

[joomla] are these hack attempts?

Matt Thomas matt at betweenbrain.com
Tue Nov 27 09:09:45 EST 2012


Hi Janet,

Yes, they are attempts to discover the presence of certain files to be
exploited. If you monitor your error logs closely, you'll see numerous
attempts like this every day. I wouldn't worry too much about them, but
certain tools will monitor these attempts and block the IP addresses of
repeat offenders .

By the way, my favorite is http://example.com/wp-admin

Best,

Matt Thomas
Founder betweenbrain <http://betweenbrain.com/>™
Lead Developer Construct Template Development
Framework<http://construct-framework.com/>
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain



On Tue, Nov 27, 2012 at 7:35 AM, Janet Sullivan <jmsullivan50 at yahoo.com>wrote:

> I am seeing "expired links" appear in the redirects component for a
> redesigned/updated website
> using an old domain name.  I can't figure out where the expired links are
> coming from, and I am
> wondering if the links are possible hacks or attacks on the site?
>
> the format of the links are
> www.valid_domain_name.com/frontend/personnel/valid_name_of_staff_member.php
>
> there is nothing on the old site or the new site with  "frontend" in the
> url AND the site
> does not use the php extension for any of the pages.  Could this urls be
> some sort of attempted
> attack on the site?  I haven't installed admin tools yet, but plan to do
> so in the next few days.
> Thanks!
>
> Janet
>
>
> _______________________________________________
> New York PHP SIG: Joomla! Mailing List
> http://lists.nyphp.org/mailman/listinfo/joomla
>
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20121127/23804f41/attachment.html>


More information about the Joomla mailing list