Recent Topics

[6.6.7] - hack attack?

Started by on Jan 10, 2016 – Contents updated: Jan 24, 2016

Jan 10, 2016 03:44    

In the last hours I got thousands of request like this from different IP addresses:
http://ednong.de/blogs/htsrv/call_plugin.php?plugin_ID=33&method=display_captcha&params=a%3A1%3A%7Bs%3A6%3A%22pubkey%22%3Bs%3A32%3A%22ea3dbe247bafb77ad327f6be8f2b3c04%22%3B%7D

The key at the end will differs - so I ask myself: is this an attack for trying to log in with differences passwords/a list of passwords? What is the meaning of the plugin with the id 33? I can't find such a plugin because I see only names or the abbreviation of the plugins. And the priority of the plugins ends always on "0" (okay, some of them ends with 4, 5 or 6). But there will be no "33".

Or are these ppl trying an attack that will works on WP? And how I can stop this things?

12 Jan 2016 03:45

I think this is specific to your site because WP doesn't have an /htsrv/ folder IIRC.

Edit the settings of the Captcha plugin on your system and you should see the plugin ID in the URL bar.

If you see many such calls in a row, maybe they are reloading the captcha until they find one they can decipher?

12 Jan 2016 04:05

"... they are reloading the captcha until they find one they can decipher?" - yes, that could it be. I'm using blueyed's captcha plugin. And this plugin has the ID 33, yeah.

So I think it's okay - I guess it is what you said. Maybe they give up to decipher ... &#59;)


Form is loading...

free blog tool – This forum is powered by b2evolution CMS, a complete engine for your website.