Jump to content
xisto Community
Sign in to follow this  
Followers 0
shadowx

Http Logs For Directory "iqici" Anyone Else?

By shadowx, in Websites and Web Designing

Recommended Posts

shadowx    0

shadowx
Posted

I have had this before and at the time it seems my site may have actually been infected with something, this time my site is secure and my custom error handling is taking care of the problems.My access logs have a lot of requests for PHP scripts in the directory "mysite.com/iqici/sbtih" originating from different IPs on different subnets, suggesting they could be from a botnet perhaps or some other geographically dispersed network.Is this a well known thing?Like I said, my site is not at risk but it does show a number of clients requesting the same or similar files, so either they are command files for a botnet or they are part of a well known root kit or other exploit that clients are blindly trying to find by hitting every domain out there for those specific files.Any insight?Also had a hit for a wordpress upload URL so there must be an exploit out there for that too considering I dont use WP :P

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept