Hi, I have drupal installed on my site, and have pages of lines similar to user/user/user/blog/user/user/user/user/password denied in my access log. Is this a sure sign of a hacker? If so, what's the best way to combat the threat? Thanks, fcmisc.
Hmm, never heard of anything like this? I'm not pretty sure but it does look like someone has tried to access your user. Sorry I can't help.
That is odd... if you are worried, look up the IPs, and block them. But it could be some kind of error, that causes it to keep adding things to the URL, like a mod_rewrite problem or something?
Thanks for the tips guys. I looked up the IP's. One was some sort of hacker/scammer. Another appeared on a forum spammer list. I guess his bot was trying to spam my site...