View Full Version : Weird URLs in pixelpost_visitors table
There is some kind of issue with the links I have in my pixelpost_visitors table. Everything works smooth in my photoblog, nobody complained about broken links or lacks of functionality. Still... there is something weird in the visitors table AND I think some tries to do aome hack or... I don't know. Here's how the table looks like:
Should I be worried? I've banned already 3 IPs with htaccess(diferent, something like 61.x.x.x, 89.x.x.x...) and now the the forth came up.
Is there any reason I should be worried about?
01-19-2008, 03:16 PM
I had the same thing in my raw access logs earlier this week. Whoever it is, they are trying to do a directory traversal attack. What that means is they are trying to figure out the full directory path of your server so they can try to get above the public_html directory to the core of the server, most likely with the intent to hack it.
If the server is configured/secured properly, then they will get a 404 error each time, but they will keep trying. Most of these are probably from an automated script - if you look at the raw access logs, the times are probably only seconds apart.
I believe that Pixelpost has code built in to deal with this, and to stop whoever it is from getting somewhere they shouldn't be. My primary concern would be - does your webhost has the server secured from this type of thing?
You can ban the IP addresses, but each time it happens they will use a different IP, so that probably won't be very effective, but it can't hurt either.
A good rule to follow: make sure you keep your files and database backed up on a regular (translated: daily) basis - don't rely on your host to have an up-to-date backup if something happens. Some of them will, but some will have a backup that could be days or weeks old. It's really up to you to keep your local backups up-to-date.
I tried myself those URLs and they stop at the site index. Indeed, it seems that PP know how to behave in situations like this.
Anyway, any change to my website results in a new backup (even from the first day of it's existence) so in case of extreme emergency, there's a .zip I can rely on. :)
vBulletin® v3.7.3, Copyright ©2000-2013, Jelsoft Enterprises Ltd.