1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Drive-by SQL scrapers

Discussion in 'Forum Management' started by Teapot, Feb 18, 2016.

  1. Teapot

    Teapot Well-Known Member

    Just a heads-up – we're currently getting brute-forced by some script kiddies who are trying to get access to our forum any way they can. We're reasonably safe, but I wanted to flag this for anyone else: they're trying to scrape SQL files in our root directory.
    Code:
    [Wed Feb 17 13:27:38.442985 2016] [authz_core:error] [pid 29389] [client 5.167.237.144:57051] AH01630: client denied by server configuration: /home/www/public_html/mysql.sql
    [Wed Feb 17 13:27:38.231858 2016] [authz_core:error] [pid 24983] [client 5.167.237.144:57037] AH01630: client denied by server configuration: /home/www/public_html/pokecharms.sql
    [Wed Feb 17 13:27:38.028384 2016] [authz_core:error] [pid 26746] [client 5.167.237.144:57030] AH01630: client denied by server configuration: /home/www/public_html/pokecharms.com.sql
    [Wed Feb 17 13:27:37.882496 2016] [authz_core:error] [pid 28630] [client 5.167.237.144:57024] AH01630: client denied by server configuration: /home/www/public_html/backup.sql
    [Wed Feb 17 13:27:37.882489 2016] [authz_core:error] [pid 29605] [client 5.167.237.144:57020] AH01630: client denied by server configuration: /home/www/public_html/base.sql
    [Wed Feb 17 13:27:37.317718 2016] [authz_core:error] [pid 29605] [client 5.167.237.144:57010] AH01630: client denied by server configuration: /home/www/public_html/sql.sql
    [Wed Feb 17 13:27:37.236933 2016] [authz_core:error] [pid 29260] [client 5.167.237.144:57008] AH01630: client denied by server configuration: /home/www/public_html/dump.sql
    So, if you're unwise enough to leave a backup SQL anywhere publicly-accessible, get rid of it immediately. Seriously.
     
    ForestForTrees and MasonK like this.

Share This Page