Register Members List Search Today's Posts Mark Forums Read

Thread Tools
Old 15 Sep 2014, 22:11
AndrewSimm's Avatar
AndrewSimm AndrewSimm is offline
Join Date: Sep 2006

s=/proc/self/environ included after the url appears to be an attack on my site. Has any other users experienced anything like this and was the attack successful?

I added the following to my iptables

Last edited by AndrewSimm; 15 Sep 2014 at 22:46. Reason: updated list of IP's
Reply With Quote
Old 15 Sep 2014, 22:40
tbworld tbworld is offline
Join Date: Oct 2008
Most hosting services will protect you against this kind of information attack. Blocking the IP addresses is the correct action. Those that run their own servers will be the largest at risk, as they tend not to be setup correctly and are typically less secure. This type of information attack was introduced back in late 2010.

Reply With Quote
Old 15 Sep 2014, 22:46
AndrewSimm's Avatar
AndrewSimm AndrewSimm is offline
Join Date: Sep 2006
I lease a server from wiredtree. I do run mod_security which from what I understand should prevent it.
Reply With Quote
Old 16 Sep 2014, 09:26
Dave Dave is offline
Join Date: Jun 2010
Real name: Dave
A WAF (Web Application Firewall) is not going to protect you from hackers. If someone really wants to hack your website, they can just find a way to bypass the WAF which isn't that hard.
Reply With Quote

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

New To Site? Need Help?

All times are GMT. The time now is 23:14.

Layout Options | Width: Wide Color: