Blog | Scams
URL web address attempted breakins
We have for some considerable time been monitoring all the URL web addresses that are submitted to our maby websites. It doesn`t stop robot servers continually trying to break in.
This particular page on the web site has the URL web address of : http://2mx.co.uk/news.php?c=Blog&sc=Scams&ID=3643 or on our permalink site https://2mx.it/url-web-address-attempted-breakins If as a developer you do not monitor the values c and ID then badly formatted data can inject data int your database or access files on your server.
We have successfully blocked 22,000+ separate IP addresses from breaking into our system. Some of these have tried over 33,000 times (.ru), some give up after the 1st or second attempt !
Why wait for hackers to break in, block them on the first attempt. if they have "=" or "script" in the URL then ban them immediately. Don`t give them hundreds or thousands of chances to attempt a break in !
I don`t run Wordpress, if I see a wordpress attempt on our sites I ban that IP address immediately. Why I hear you ask ?? That user would know that I don`t have a wordpress website so they must be scouring looking for wordpress site to break in. So I immedtaley don`t trust them !
For example, if you see this on an address in your apache log you know you are seeing hacks and trying to break in.
URL = ?c=Help&Aotf=6605%20AND%201%3D1%20UNION%20ALL%20SELECT%201%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name%20FROM%20information_schema.tables%20WHERE%202%3E1--%2F%2A%2A%2F%3B%20EXEC%20xp_=%28%27cat%20..%2F..%2F..%2Fetc%2Fpasswd%27%29%23
Latest
- Don`t ! Be extremely vigilant.
- Netflix subscription problem
- You have 6 failed incoming mails!!!
- Validation error - 1 pending Messages. (scam)
- Mailbox full scam
- Billing Scam`s easy to spot
- Warning on scams - Paid invoices
- Warning on scams - Mailbox Full
- Typical email phishing
- URL web address attempted breakins