I have notice a jump in the number of visitors online in my site from 20 to 200 and they are from the same IP address accessing php files ...see below: what is this? and what should i do?
Looks like a bot scanning for a vulnability in phpmyadmin. If you aren't running phpmyadmin on the sever then there's not much to worry about. If you do have phpmyadmin, make sure it's up to date with the latest version and consider protecting the directory with an htaccess file. You could also consider blocking the ip address from accessing your website.
Like Maxmarket says, they most likely did a google dork and found your site or just a scanner that scans any site with php. They are looking for Sql Injections probebly. If your using a opensource system or something else, make sure you have the most recent version and you should be ok.
Yeah, it's someone scanning your website for vulnerabilities. Not really too big a deal unless you're vulnerable. lol. If it worries you, you can block that IP but that sort of thing happens often.
If you have a dedicated host on linux, check your /etc/log/secure logs lol you always have some bots trying to hack accounts.
Arsehole script kiddies. My log files have been getting exponentially bigger over the years because of these idiots. If I had the time I'd set up a honeybot. Look out for referrers from google that look like '"Powered by PHPFM" filetypehp' etc.
I wouldn't bother with a honeypot they cost money and youwon't even put a dent in the script kiddies number. So just secure your stuff and their is not problems.
Cost money? I was going to run it on FreeBSD and use inetd to bind every port to a logging program. Total cost = zero. The goal for a honeypot is not to hurt the script kiddies numbers, it's to gather information so that you can secure yourself more effectively.
running that cost money, since your using server resources. But i know what you mean, just think most script kiddie scripts are crap anyways. But learning from them is a good approach. good luck with it
Ahh ok, thought you meant the software. yeah... I suppose time would factor in as well - which is probably why I haven't done it yet.
Just reading main thread and avoiding all the answer ..same thing happen to me once because i put permission of database as Guest so all the user who hosted their website on the same server can view my database because of this guest permission. so check out something this may happen to you ?