Quote:
Originally Posted by TrixieSixx
I have no web training, but really enjoy being thrown into it unexpectedly, and have been on the lookout for hackers. The old webmaster used a "backdoor" into the site, and deleted some pages, so I try to keep an eye on the access log to see who has been looking at what.
I came across a bunch of these types of codes:
"GET /phpMyAdmin-2/index.php HTTP/1.1"
"GET /phpMyAdmin/index.php HTTP/1.1"
"GET /mysqladmin/index.php HTTP/1.1"
"GET /db/index.php HTTP/1.1"
It's a strange IP also, in another country, I have blocked it to be safe, but I wasn't sure if this was a way into the site? I don't want to go on a blocking rampage, but I don't normally see anyone trying to access anything php related, any insight is helpful.
Thanks,
Trix
|
if those have a code like 404 dont worry
if code is 2xx page was found depending how old it is you may have been hacked,
phpmyadmin is one of the mose insecure pieces of software out there, you should not have it unprotected, delete all the phpmyadmin installs , install a private secure by ip/login one save your self some headaches
__________________
Need help dealing with a hacked website? Contact me via icq 163583431 :D
Premium Bandwidth Managed Servers, 12 Years in business
xxxHOSTit.com
I work for xxxhostit.com
