The Support Forums will be in read-only mode for a scheduled maintenance window on 01 September 2016 14:00 UTC - 20:00 UTC. More information.

Protecting against being hacked (4 posts)

  1. tbm2
    Posted 3 years ago #


    In my stats log I've noticed a lot of entries over the past few days where the page accessed is reported as things like:


    These pages don't exist on my site and from a quick look I guess they're obviously some form of bot attempt to hack my site. I have seen similar things like this in my stats before but it seemed to stop after a while. But over the last few days I'm seeing a lot of this kind of thing in my stats logs. The referral domains always seem to be something along the lines of flickr.com.xxxx.com

    I'm aware of the timthumb hack and I've run checks to make sure I'm not susceptible to that, but I'm not sure what else I need to do to try and make sure my security is up to par.

    Can anyone point me in the direction of tips, suggestions or further reading as I'm not sure what I need to be doing to maximise security. Is it possible to block/minimise these kind of attacks via plugins or other means?

    I'm obviously no expert on security but I am prepared to try and learn more - I just don't know where I should start...

  2. The Hack Repair Guy
    Posted 3 years ago #

  3. tbm2
    Posted 3 years ago #

    Thank you - I just needed somewhere to start, so that's much appreciated :)

    Will check out the links.

  4. budykiller
    Posted 3 years ago #

    Looks like timbthumb hack attempts.

    What you can do is subscribe to a newsletter. Like securityfocus or bugtraq to be informed of any new vulnerabilities.

    You have maybe 10 vulnerabilities a week about CMS and plugins. This way you can trace new exploit and make changes to prevent attacks.

Topic Closed

This topic has been closed to new replies.

About this Topic


No tags yet.