Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #1  
Old 15 Sep 2014, 22:11
AndrewSimm's Avatar
AndrewSimm AndrewSimm is offline
 
Join Date: Sep 2006
s=/proc/self/environ

s=/proc/self/environ included after the url appears to be an attack on my site. Has any other users experienced anything like this and was the attack successful?

I added the following to my iptables

54.208.36.248
188.165.12.96
211.206.122.183
212.48.78.194
213.235.225.244
74.208.193.37
94.23.254.120

Last edited by AndrewSimm; 15 Sep 2014 at 22:46. Reason: updated list of IP's
Reply With Quote
  #2  
Old 15 Sep 2014, 22:40
tbworld tbworld is offline
 
Join Date: Oct 2008
Most hosting services will protect you against this kind of information attack. Blocking the IP addresses is the correct action. Those that run their own servers will be the largest at risk, as they tend not to be setup correctly and are typically less secure. This type of information attack was introduced back in late 2010.

Reply With Quote
  #3  
Old 15 Sep 2014, 22:46
AndrewSimm's Avatar
AndrewSimm AndrewSimm is offline
 
Join Date: Sep 2006
I lease a server from wiredtree. I do run mod_security which from what I understand should prevent it.
Reply With Quote
  #4  
Old 16 Sep 2014, 09:26
Dave Dave is offline
 
Join Date: Jun 2010
Real name: Dave
A WAF (Web Application Firewall) is not going to protect you from hackers. If someone really wants to hack your website, they can just find a way to bypass the WAF which isn't that hard.
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 23:14.

Layout Options | Width: Wide Color: