WordPress.org

Support

Support » Plugins and Hacks » WordPress Firewall No Plugin

WordPress Firewall No Plugin

  • spartyjoe
    Member

    @spartyjoe

    Hello,

    I’m using WordPress Firewall 2 and it reported the following:

    WordPress Firewall has detected and blocked a potential attack!

    Web Page:
    wp-content/plugins/1-flash-gallery/upload.php?action=uploadify&fileext=php
    Warning: URL may contain dangerous content!
    Offending IP:
    178.137.166.209 [ Get IP location ]
    Offending Parameter:
    $_FILE = index.bak.php

    This may be a “Executable File Upload Attack.”

    I’m also using NextGEN Gallery v1.9.2, but not 1-flash-gallery plugin. Any ideas as how to start tracking down the root cause?

Viewing 2 replies - 1 through 2 (of 2 total)
  • kendawes
    Participant

    @kendawes

    Hi Joe,

    What Firewall 2 is reporting is that the attack was trying to exploit a (possible) vulnerability in 1-flash-gallery.

    If you had that plugin and didn’t have Firewall 2, you might have a problem!

    Think of the WordPress attackers as having a really big keychain with lots and lots of keys that they keep trying on your door. They keep trying different keys in the hope that *one* of them will fit. Firewall 2 just lets you know that their key didn’t work….

    Ken

    kendawes
    Participant

    @kendawes

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘WordPress Firewall No Plugin’ is closed to new replies.