my log files are showing attempts to load the following url by someone in the Ukraine. I don’t think it’s a harmful request as it simply gets a ‘bad request’ response from the browser. Just wondering if anyone here has seen this type of request before and whether I should block the ip.
Regards and happy new year
If you don’t know what it is, I think you shoul block that IP (how do you do that?).
Better safe than sorry…
yes, I’ve already put a temporary block on the IP. It’s a wordpress site and I use wordfence plugin to block the IP. however, if you have access to the server, the IP can be blocked from there.
“wordfence plugin” thank you for the tip. My site is also a Wordpres
I get those types of requests all the time, usually from Russia, Ukraine, and China. I’m not sure what the intention is, but my guess is that some bot is probing for any type of security vulnerability it can find. If you block the IP then you can expect to block more IPs because it isn’t hard for a hacker to find a new IP address.
I guess this type of request is not doing any harm. However, I have noticed an attempt to login (this time from USA) to my wordpress admin where the user name was entered as:
The login failed, but I’m a little worried by what they are trying to attempt here - any ideas anyone?
The only thing you can do is to change (or remove) any user’s name begining with ‘admin’.
The funny point here is that I got the same thing on my site and that leeds me to think of a bot doing “research”
Running a Wordpress site you are going to be scanned and probed, nothing you can do about that. Wordpress is filled with vulnerabilities, you need to keep it updated. This is why I don’t use it for client sites, they always get too lazy and fail to update.
You have nothing to worry about here.
- The user name is to long according to any standard.
- It contains characters parsed out by WordPress.
- The login failed… :x
I am so greatfull to you for suggesting this plugin.
Now I have ‘friends’ all over the world, some of them…:mad: