How do I react when somebody tries to guess admin directiories on my website?
Posted
by Konstantin
on Stack Overflow
See other posts from Stack Overflow
or by Konstantin
Published on 2010-03-19T12:44:42Z
Indexed on
2010/03/19
12:51 UTC
Read the original article
Hit count: 228
Hello!
I've been getting these messages in apache error.log for quite a while:
[client 217.197.152.228] File does not exist: /var/www/phpmyadmin
[client 217.197.152.228] File does not exist: /var/www/pma
[client 217.197.152.228] File does not exist: /var/www/admin
[client 217.197.152.228] File does not exist: /var/www/dbadmin
[client 217.197.152.228] File does not exist: /var/www/myadmin
[client 217.197.152.228] File does not exist: /var/www/PHPMYADMIN
[client 217.197.152.228] File does not exist: /var/www/phpMyAdmin
And many more different addresses. Looks like somebody is trying to guess where my admin applications are located. What should I fear in this situation, and what a knowledge of my admin addresses can give to attacker, if everything is password protected?
© Stack Overflow or respective owner