Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
selfinfliction
New Member
New Member


Joined: Jun 17, 2007
Posts: 8

PostPosted: Wed Jun 27, 2007 8:55 am Reply with quote

got 4 different emails today containing similar text with different ip's:

Quote:
Date & Time: 2007-06-27 06:39:53 PDT GMT -0700
Blocked IP: 203.150.225.*
User ID: Anonymous (1)
Reason: Abuse-Filter
--------------------
User Agent: libwww-perl/5.64
Query String:
Only registered users can see links on this board! Get registered or login!
Get String:
Only registered users can see links on this board! Get registered or login!
Post String: Only registered users can see links on this board! Get registered or login!
Forwarded For: none
Client IP: none
Remote Address: 203.150.225.xxx
Remote Port: 59853
Request Method: GET
--------------------
Who-Is for IP
Unable to query WhoIs information for 203.150.225.xxx.



I understand it is something that is getting blocked, but what does the "query" and "get" string info mean? was it someone trying to hack the site or something?

thanks in advance
 
View user's profile Send private message
Gremmie
Former Moderator in Good Standing


Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA

PostPosted: Wed Jun 27, 2007 10:30 am Reply with quote

The query and get strings show what was presented to the PHP script from the outside world. Yes, someone was trying to hack your site....a lovely feeling isn't it? They were trying to exploit something in the vwar module it looks like. You may not even have that module, they don't know that, they are just trying the locks on your doors at random...

The user agent means they were using a Perl script to execute the attack. You can setup your .htaccess file to block all user agents that start with libwww-perl, and that can help. Search the forums for that, it has been discussed many times.

_________________
Only registered users can see links on this board! Get registered or login! - An Event Calendar for PHP-Nuke
Only registered users can see links on this board! Get registered or login! - A Google Maps Nuke Module 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©