Blog » Site and Server Security

Site and Server Security

Category to discuss web site and server security.

GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1

You have seen the following in your Apache or your web server’s logs for your websites: xx.xx.xx.xx – – [xx/xx/xxxx:18:56:22 +0300] “GET /w00tw00t.at.ISC.SANS.test0:) HTTP/1.1” 400 166 “-” “-” xx.xx.xx.xx – – [xx/xx/xxxx:06:18:21 +0300] “GET /w00tw00t.at.ISC.SANS.test0:) HTTP/1.1” 400 166 “-” “-” xx.xx.xx.xx – – [xx/xx/xxxx:11:41:35 +0300] “GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1” 400 166 “-” “-” xx.xx.xx.xx – – …

GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1 Read More »

phpBB 3.0.7 security vulnerability

Recently, phpBB 3.0.7 was released by phpbb.com. They discovered a new security vulnerability in phpBB 3.0.7 version which was not noticed during testing. Following is the original announcement: —————————————————————— We are sorry to announce the immediate release of phpBB 3.0.7-PL1 to address a security issue which was introduced in 3.0.7, unfortunately the issue wasn’t noticed …

phpBB 3.0.7 security vulnerability Read More »

Links are added automatically in the index page of the website – adsttnmq1/sdioyslkjs2 attack

Recently I faced problem with one of the websites in which there were many links added automatically in the index page. The FTP password was reset many times but it didn’t fix the problem. Even there was no logs for FTP access for this website. After checking all the files/folders of this website, I found …

Links are added automatically in the index page of the website – adsttnmq1/sdioyslkjs2 attack Read More »

WordPress and mod_security2 issues

ModSecurity is an open source web application firewall. This helps to prevent attacks on websites, SQL injection, command execution via browser etc. However, this may break some application installed in your website. With ModSecurity2, you can not bypass any rule by ID from your .htaccess file. If your WordPress hosting provider has enabled mod_security with …

WordPress and mod_security2 issues Read More »

Security vulnerabilities found in HyperVM and LXadmin/Kloxo

Recently, there were multiple security hyperVM discovered in hyperVM and Lxadmin/Kloxo and they had instructed to upgrade hyperVM/Kloxo systems to the latest version as soon as possible. If you have still not upgraded your HyperVM/Kloxo systems then it’s time to upgrade the system. They have not yet posted the vulnerabilities but according to them they …

Security vulnerabilities found in HyperVM and LXadmin/Kloxo Read More »

“This site may harm your computer” on every Google search result ??

Recently, you might have noticed that every Google search results were showing the message “This site may harm your computer”. This was happened on Jan 31, 2009 between 6:30 a.m. PST and 7:25 a.m. PST. This was clearly an error. According to Google, it was a human error. Google flags search results with the message …

“This site may harm your computer” on every Google search result ?? Read More »

Pentagon computers infected by agent.btz Virus / Worm

Recently Some Defense Department computer networks have been infected with a virus / worm in Pentagon US. Fox news reported that the virus has continued to spread rapidly through military networks for nearly a week now. Wired.com reports that the virus is a worm named Agent.btz that travels through removable storage devices such as flash …

Pentagon computers infected by agent.btz Virus / Worm Read More »