awstats shows authenticated user "mrbean"

While checking my awstats on one of my sites I saw two instances of authenticated users that I did not recognize. One was for mrbean and the other was just "".

I contacted support at my hosting company and they said these are failed attempts to authenticate by people trying to brute force .htaccess protected directories. Should I have any concerns? Has anyone here at DP ever seen this?

 

You shouldn't have to worry too much as long as your passwords are strong (numbers and leters, uppercase and lowercase.. and a special character for good measure). Most sites won't get the attention of bruteforcers, unless you got some adult sites.

BTW Mr Bean's real name is Rowan Atkinson if it might help you catch the culprit

 

I dont have any adult sites... it's a fitness related site. I think I am going to revamp my htaccess passwords right now and make them even stronger.

thanks for the advice infin8

 

That's a good idea... Also, If you notice the bruteforce attempts to increase and become a problem, you can add security code that will block an IP address after a number of unsuccessful attempts. You should only have to block for a few minutes to discourage bruteforce bots. However, only having 2 unrecognized usernames, you're probably not under attack, because bots use thousands of combinations. It was most likely just one curious person typing in some random names.

Good luck with it all, hope your site does well for you now and in the future.

 

I have had the same problem and someone has browsed the pages of my directory as well...

Authenticated users : 3 Pages Hits Bandwidth Last visit sreedhar_reddy_m 6306 6306 57.77 MB 28 Jun 2007 - 11:55 "" 7 7 118.70 KB 27 Jun 2007 - 13:44 1 1 14.29 KB 04 Jun 2007 - 01:18 Other logins (and/or anonymous users) 218678 394298 2.22 GB

 

I am getting this aswell. Would really to like to know where it is coming from.