P
P
Prosto2014-10-17 11:43:49
Apache HTTP Server
Prosto, 2014-10-17 11:43:49

How to block hacking attempts?

The following entries appear in the logs every day:

server_name.ru 94.201.70.238 - - [17/Oct/2014:11:50:48 +0400] "GET /js/)[this.options.html? HTTP/1.0" 404 5538 "-" "Java/1.6.0_17"

my_server_name.ru 94.201.70.238 - - [17/Oct/2014:11:50:55 +0400] "GET /assets/e9139780/));Nt.optgroup=Nt.option,Nt.tbody=Nt.tfoot=Nt.colgroup=Nt.caption=Nt.thead,Nt.th=Nt.td,v.support.htmlSerialize||(Nt._default=[1, HTTP/1.0" 404 5660 "-" "Java/1.6.0_17"

my_server_name.ru 109.227.85.58 - - [17/Oct/2014:06:27:38 +0400] "HEAD /lib/uploadify/uploadify.swf HTTP/1.0" 404 - "http://casender.ru/lib/uploadify/uploadify.swf" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"

my_server_name.ru 67.148.203.206 - - [17/Oct/2014:07:47:40 +0400] "GET /templates/ccs.php?input HTTP/1.0" 404 5533 "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0; Hotbar 4.6.1)"

my_server_name.ru 67.148.203.206 - - [16/Oct/2014:12:32:08 +0400] "GET /components/com_content/views/article/tmpl/ccs.php?input HTTP/1.0" 404 5565 "-" "Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 2.0.50727)"

my_server_name.ru 67.148.203.206 - - [16/Oct/2014:16:12:21 +0400] "GET /images/ccs.php?input HTTP/1.0" 404 5530 "-" "yoono/1.0 web-crawler/1.0"

my_server_name.ru 67.148.203.206 - - [16/Oct/2014:12:32:08 +0400] "GET /components/com_content/views/article/tmpl/ccs.php?input HTTP/1.0" 404 5565 "-" "Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 2.0.50727)"


Well, regularly trying to define cms. To confuse, I created empty login pages in popular cms.

Site on Yii, on a popular shared hosting.

Answer the question

In order to leave comments, you need to log in

1 answer(s)
R
Rsa97, 2014-10-17
@Rsa97

fail2ban will help you

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question