What should I do with hacking IP?

Discussion in 'Security' started by drkchaudhry, Aug 6, 2008.

  1. #1
    From my PHP scripts, I keep on receiving information on hacking attempts. I have never thought of taking any steps before. Today someone is attempting to hack my web pages from IP 213.217.149.60. The following URL is being implanted/embedded in my pages:
    http://www.boomerbible.com/instapunk/MType/archives/ajuq/evuji/
    What should I do with such an IP and URL? Now I shall keep watch on such activity every day.
     
    drkchaudhry, Aug 6, 2008 IP
  2. drkchaudhry

    drkchaudhry Guest
    Messages: 63 | Likes Received: 1 | Best Answers: 0 | Trophy Points: 0
    #2
    I checked up information on the domain in the impugned URL:
    Technical Contact:
    Private, Registration
    Domains by Proxy, Inc.
    DomainsByProxy.com
    15111 N. Hayden Rd., Ste 160, PMB 353
    Scottsdale, Arizona 85260
    United States
    (480) 624-2599
    Domain servers in listed order:
    NS1.BLUEHOST.COM
    NS2.BLUEHOST.COM
    The name "DomainsByProxy" suggests highly technical activity. I am taking up the matter with the domain registrar GODADDY and the webhost BLUEHOST. Since this is my first exercise of this kind, any suggestions are welcome.
     
    drkchaudhry, Aug 6, 2008 IP
  3. drkchaudhry

    #3
    Albacom Shared Content Hosting Services - Rome.
     
    drkchaudhry, Aug 6, 2008 IP
  4. drkchaudhry

    #4
    drkchaudhry, Aug 6, 2008 IP
  5. drkchaudhry

    #5
    Reply from bluehost :-
    Hello,

    Thank you for contacting our Abuse Department.

    We have contacted the owner and have requested the violation be removed, or we have removed the offending website. If you ever come across sites that are violating our Policies, please feel free to contact us again.

    Please feel free to contact us again if we can be of further assistance.

    Abuse Department
    1215 N. Research Way
    Suite Q-3500| Orem, UT 84097
    P: 888.401.4678 | F: 801.765.1992
     
    drkchaudhry, Aug 6, 2008 IP
  6. IwhiC

    IwhiC Peon
    Messages: 2,594 | Likes Received: 61 | Best Answers: 0 | Trophy Points: 0
    #6
    Well, I am glad you reported it. I would also block the IP from your site as well. If you have your own server, I would block it from the whole server, or contact your host to have them block it.
     
    IwhiC, Aug 6, 2008 IP
  7. drkchaudhry

    #7
    Hi!
    I had a look at your website. You are engaged in webhosting. Please, how are you related to the hacking IP, and how would you block my website from being accessed from that IP?
    Learning from feedback, I blocked IP 213.217. from accessing my website through a command in the .htaccess file.
     
    drkchaudhry, Aug 7, 2008 IP
  8. drkchaudhry

    #8
    I work more on intuition than technical skill. Within 24 hours of analysing the hack attempt on my website, I jumped to interesting conclusions:
    The hacker, with unknown IP/location, attempts to implant scripts through Java forms and subsequent plans. The scripts are planted on my website ukmall.net, boomerbible.com, stoneproperties.co.uk. With frequency setting, the script on the second site is triggered from the first. The script on the third site is triggered from the second. The script on the first site is triggered from the third.
    Monster scripts in deep directories boomerbible.com/instapunk/MType/archives/ajuq/evuji/ may remain unnoticed for long. If detected by me, I would accuse the IP of stoneproperties.co.uk and may block it. All three victims would be blocking one another and the hacker would remain safe at his place. Hence IP 213.217.149.60, accused by me, may even belong to a victim like me.
     
    drkchaudhry, Aug 7, 2008 IP
  9. IwhiC

    #9
    Hi, we have no relation to the hacking IP. Blocking it with the .htaccess file will work, or you can block it from cPanel as well.

    Even if those IPs are victims, I would still block them. If the hacker had access to use their IP to get to your sites, then you want them blocked.

    Also make sure all your scripts are up to date and all patches are in place to make sure you have no security holes. Check your database, as they may have injected something in there and corrupted your database.
     
    IwhiC, Aug 7, 2008 IP
  10. drkchaudhry

    #10
    Your information is technically 100% suggestive of your enviable experience. I did block the IP in the .htaccess file. Perhaps I failed to understand "I would also block the IP from your site as well". How would you block a 3rd party IP from my site?
     
    drkchaudhry, Aug 7, 2008 IP
  11. IwhiC

    #11
    Yes, you did block it from your site with the .htaccess file.

    I said that before you replied that you blocked it from your .htaccess.
     
    IwhiC, Aug 7, 2008 IP
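
Added example, not written by any poster in this thread: the two steps the thread discusses, finding which clients are sending URL-implant attempts and blocking them in .htaccess. It assumes the attempts appear in an Apache combined-format access log as query parameters carrying an absolute URL; the log lines, host names and function names are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, urlsplit

# Constructed sample lines in Apache combined log format (not taken from the thread).
SAMPLE_LOG = """\
203.0.113.7 - - [06/Aug/2008:10:01:02 +0000] "GET /index.php?page=http://files.example.org/a/b/? HTTP/1.1" 200 512 "-" "libwww-perl/5.8"
203.0.113.7 - - [06/Aug/2008:10:01:05 +0000] "GET /view.php?inc=http%3A%2F%2Ffiles.example.org%2Fa%2Fb%2F HTTP/1.1" 404 210 "-" "libwww-perl/5.8"
198.51.100.20 - - [06/Aug/2008:10:02:00 +0000] "GET /index.php?page=about HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
198.51.100.20 - - [06/Aug/2008:10:02:09 +0000] "GET /out.php?url=http://www.mysite.example/faq HTTP/1.1" 200 128 "-" "Mozilla/5.0"
"""

# Group 1: client IP. Group 2: request target inside the quoted request line.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*"')

def foreign_url_params(target, own_hosts):
    """Return (parameter, host) pairs whose value is an absolute URL on a host we do not own."""
    hits = []
    # parse_qsl percent-decodes values, so encoded URLs (http%3A%2F%2F...) are caught too.
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        try:
            parts = urlsplit(value.strip())
        except ValueError:  # malformed URL in the parameter: nothing to classify
            continue
        if parts.scheme in ("http", "https", "ftp") and parts.hostname:
            if parts.hostname not in own_hosts:
                hits.append((name, parts.hostname))
    return hits

def suspicious_clients(log_text, own_hosts):
    """Count flagged requests per client IP."""
    counts = Counter()
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if match and foreign_url_params(match.group(2), own_hosts):
            counts[match.group(1)] += 1
    return counts

def htaccess_block(ips):
    """Render an Apache 2.4 .htaccess fragment refusing the given client IPs.
    (Apache 2.2 used 'Order allow,deny' / 'Allow from all' / 'Deny from <ip>'.)"""
    rules = "\n".join(f"    Require not ip {ip}" for ip in sorted(ips))
    return f"<RequireAll>\n    Require all granted\n{rules}\n</RequireAll>\n"

if __name__ == "__main__":
    flagged = suspicious_clients(SAMPLE_LOG, {"www.mysite.example"})
    for ip, count in flagged.most_common():
        print(f"{ip}: {count} request(s) carrying a foreign URL")
    print(htaccess_block(flagged))
```

As post #8 observes, a flagged address may itself be a compromised site, so the same list is worth sending to that network's abuse contact as well as blocking.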