Been getting lots of bot searching for database dumps in many kinds of formats.
Update: Its getting out of hand. ALL of the exploit searching now results in the entire block getting server side banned. They are also commented in the lists so I know not to remove them.
Oh let me count the ways why all 106 or 206 attempts WILL fail:
• Full database backups are NOT stored in /public_html. Actually database backups are downloaded to my machine. The only backups I have on the server is "default settings", and RPG Manager backups. This way I can factory reset the CMS if needed. And that backup has a salted password hash that the system forces me to reset on restore.
• The requested filenames are all wrong too. Not even close.
Nice try, but here's your YOU FAIL award.
The next CMS update will have an anti-hammering system in place so these excessive requests will get rejected by the CMS. Completely. Right now I have to do them by hand. Also during the next update all block-lists from my sites will be merged, and I will chop as many class B & C addresses as possible to eliminate an excessive lists. This will become an automated function as well after the next security update. |