Hi,
Ever since I launched my website, its being targeted by hackers. They try to access password file on server, websites config file and trying to access pages which do not exists. I am using captcha, which prevents the spam bots from flooding the site from posting spam material. But I really concerns about the site activities and would like to deny such attacks and activities.

Here are some of the patterns from access log

http://joshics.in/tikiwiki/tiki-graph_formula.php?w=1&h=1&s=1&min=1&max=...()&t=png&title=./../../../../../../../../etc/passwd

http://joshics.in/%20%20/inc/cmses/aedatingCMS.php?dir[inc]=http://zebed...??

Is there any module or tool around to prevent this?

Regards.

Comments

aitala’s picture

Try the phpIDS module... http://drupal.org/project/phpids

Eric

__________
Eric Aitala - ema13@psu.edu
Penn State

224b8605113373e086cb27708ff301ba18ce394db1996e7e22928e4555e0d20b1b6cecc7f67c9bd9e536cb915779c485