Search

Recent Posts

Tags

« Previous Entries

GeoIP origins of malicious network activity

Sunday, April 28th, 2013

I have previously written that GeoIP data is not a reliable source for definitive data analysis – it is, however, a reasonable indicator.  The numbers below are from a single server (logged during the past few years) and don’t really provide any surprises.  Some things to keep in mind: raw IP information is only an Continue reading →

WordPress – BotNet Login Hacking Attacks

Friday, May 11th, 2012

So, why should you use login restrictions or a Login monitor (plugin or other solution) for your WordPress site? Just one reason – from one day of web logs for one domain – there were no successful logins during this ‘attack’. 5/9/2012 Fail | Start/Stop | IP address | GeoIP Info —–|——————-|—————–|—————————————-   1.    1 Continue reading →

PHP – decoding ‘gzinflate(str_rot13(base64_decode’ hack attempts

Monday, April 9th, 2012

A recent ‘alarm’ about RFI (remote file inclusion)  ‘attacks’ against PHP coded web sites (i.e. any WordPress site) got me curious about some of my log messages.  In this case the web server/PHP application were not compromised due to a somewhat guarded server configuration.  The configuration also ‘captured’ the triple-encoded attack code (some excerpts below.) Continue reading →

Abuse from BingBot – 2012

Tuesday, March 13th, 2012

Stardate errr, ummm, well 3/12/2012 (Monday.) Hopefully this will not persist… I have sent a message via the Bing.com  ‘feedback’ page. I have sent an email via a published bingbot email address. No response from Bing.com after ~15 hours… I have established a ‘503’ response for ALL Bingbot requests. Update 3/15/2012 Late in the day Continue reading →

WordPress security note – setup-config.php

Wednesday, January 25th, 2012

Limiting access to WordPress /wp-admin/* tools should be a standard approach; since there are so many installation scenarios this might not always be possible so some WordPress specific mod_security rules (see links below) may be more appropriate.  You may also want to consider some of the free WordPress security plugins.  Additional WordPress specific security-related suggestions/discussion Continue reading →

« Previous Entries

________________________________________________
YOUR GeoIP Data | Ip: 73.21.121.1
Continent: NA | Country Code: US | Country Name: United States
Region: | State/Region Name: | City:
(US only) Area Code: 0 | Postal code/Zip:
Latitude: 38.000000 | Longitude: -97.000000
Note - if using a mobile device your physical location may NOT be accurate...
________________________________________________

Georgia-USA.Com - Web Hosting for Business
____________________________________