Recent Topics
  1. b2evolution CMS Support Forums
  2. b2evolution Support
  3. General Support
  4. [6.6.7] - hack attack?

[6.6.7] - hack attack?

1 Jan 10, 2016 03:44    

In the last hours I got thousands of request like this from different IP addresses:
http://ednong.de/blogs/htsrv/call_plugin.php?plugin_ID=33&method=display_captcha&params=a%3A1%3A%7Bs%3A6%3A%22pubkey%22%3Bs%3A32%3A%22ea3dbe247bafb77ad327f6be8f2b3c04%22%3B%7D

The key at the end will differs - so I ask myself: is this an attack for trying to log in with differences passwords/a list of passwords? What is the meaning of the plugin with the id 33? I can't find such a plugin because I see only names or the abbreviation of the plugins. And the priority of the plugins ends always on "0" (okay, some of them ends with 4, 5 or 6). But there will be no "33".

Or are these ppl trying an attack that will works on WP? And how I can stop this things?

Back to top

2 12 Jan 2016 03:45

I think this is specific to your site because WP doesn't have an /htsrv/ folder IIRC.

Edit the settings of the Captcha plugin on your system and you should see the plugin ID in the URL bar.

If you see many such calls in a row, maybe they are reloading the captcha until they find one they can decipher?

Back to top

3 12 Jan 2016 04:05

"... they are reloading the captcha until they find one they can decipher?" - yes, that could it be. I'm using blueyed's captcha plugin. And this plugin has the ID 33, yeah.

So I think it's okay - I guess it is what you said. Maybe they give up to decipher ... ;)

Back to top


Form is loading...