Hacking attempt! Should I be worried?
Danny_Joris - September 15, 2009 - 00:43
Hi all,
I logged in as a User-1 and checked my recent log entries. It looks like someone tried to hack my website. I made a print screen to show the kind of urls it tried to use. There were 10 log pages full of this. I don't know if I should be worried or not. Is Drupal well protected against that? And what would this person be after? Is there a module that can warn me with an email if this happens?
This website will be an online store. I have SSL-security at the url's that are recommended by some of the Ubercart developers. But I can't help to feel worried.
http://www.dannyjoris.be/files/fora/hack-attempt.jpg
Any help is greatly appreciated!
Cheers,
Danny
I am no expert but you could
I am no expert but one thing that could be done is to block the IP address that the scan came from...
_
I installed the Troll Module, which can block IP addresses. And clicking on the log messages shows the IP address.
expect to get a lot more of these
Those are just attempts to probe for outdated versions of the phpMyAdmin software. You are likely to see a lot of these as worms attempt to attack outdated software on your site regardless of whether or not your site runs that software. I frequently see probes related to wordpress or joomla or even outdated versions of Drupal. Just stay up to date and you should be all set.
--
Growing Venture Solutions | Drupal Dashboard | Learn more about Drupal - buy a Drupal Book
_
Today this website that i was talking about went down all of a sudden. I'm still able to login trough ftp though. I really hope this is caused by the hosting. I have another website on the same hosting and that one is not down. I'll contact the hosting company.