Website probbed for link to database

 
Post new topic   Reply to topic    34SP.com Forum Index // Database Support
View previous topic :: View next topic  
Author Message
vdub
34SP Newbie
34SP Newbie


Joined: 18 Jun 2002
Posts: 96

PostPosted: Wed Dec 01, 2010 4:02 pm    Post subject: Website probbed for link to database Reply with quote
Over the past 2 days I have had about 50 (and counting) attempts to access my website through generic database url's. for example

Tools/phpMyAdmin/index.php
mysqladmin/index.php
mysql-admin/index.php
webdb/index.php
websql/index.php

The remote address used for these attacks include
12.47.45.154
174.129.4.125
95.129.49.136

Is anyone else experiencing this? Is it worth while trying to block these IP's?
Back to top
View user's profile Send private message
philr
Super Member
Super Member


Joined: 05 Nov 2003
Posts: 990
Location: Exeter

PostPosted: Wed Dec 01, 2010 4:33 pm    Post subject: Reply with quote
Happens all the time, I'm afraid

If you want to do something about it, a WHOIS search will provide you with contact details for the offending IPs, and ipinfodb.com is useful for figuring out their geographical location.

174.129.4.125 is a cloud server belonging to Amazon Web Services, which seems to be a major source of this sort of traffic. I blocked them all some time ago, along with theplanet.com which also seems to be hosting a lot of nasty bots. You can block them out by adding this to your .htaccess file:

Code:
<Limit GET HEAD POST>
Order Allow,Deny
Allow from all
# Bots hosted at theplanet.com
Deny from 74.52.0.0/14
Deny from 64.5.32.0/19
Deny from 64.246.0.0/18
Deny from 66.98.128.0/17
Deny from 67.15.0.0/16
Deny from 67.18.0.0/15
Deny from 69.93.0.0/16
Deny from 70.84.0.0/14
Deny from 74.52.0.0/14
Deny from 75.125.0.0/16
Deny from 207.44.128.0/17
Deny from 209.62.0.0/17
Deny from 216.127.64.0/19
Deny from 174.132.0.0/15
Deny from 174.120.0.0/14
# Amazon AWS bots
Deny from 67.202.0.0/18
Deny from 72.44.32.0/19
Deny from 75.101.128.0/17
Deny from 79.125.0.0/18
Deny from 174.129.0.0/16
Deny from 184.72.0.0/15
Deny from 204.236.128.0/17
Deny from 216.182.224.0/20
</Limit>


You can also block specific IP addresses by adding extra rules between the <Limit> ... </Limit> tags, e.g.:

Code:
Deny from 12.47.45.154
Deny from 174.129.4.125
Deny from 95.129.49.136

_________________
Phil Ronan
フィリップ・ローナン
Back to top
View user's profile Send private message Visit poster's website
vdub
34SP Newbie
34SP Newbie


Joined: 18 Jun 2002
Posts: 96

PostPosted: Wed Dec 01, 2010 11:40 pm    Post subject: Reply with quote
Cheers Phil. file updated
Back to top
View user's profile Send private message
Post new topic   Reply to topic    34SP.com Forum Index // Database Support All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Powered by phpBB © 2001, 2002 phpBB Group