[TriLUG] Web attack?
Ken M
ken at mack-z.com
Sat Sep 6 20:38:32 EDT 2014
Quick googling and i found this:
http://perishablepress.com/wordpress-xmlrpc-pingback-vulnerability/
So they are looking for a wordpress exploit. If you are not serving wordpress I would block based on the request for that.
Sent from my iPad
> On Sep 6, 2014, at 8:34 PM, David Both <dboth at millennium-technology.com> wrote:
>
> I do. I have enabled the bad-bots but these do not appear to be listed there. I suppose I will have to create a configuration for lots of hits from an IP as I don't see one like that. Since the vast majority of these seen to be looking for specific PHP file I could key on that.
>
> Thanks!
More information about the TriLUG
mailing list