Si Posted October 26, 2013 Share Posted October 26, 2013 (edited) Hi, It's fairly crude but almost too simple. I have all sorts of security updates, mod_sec realtime, changed admin folder name, .htaccess/pwd and other measures in place. I just got a ticket from a visitor using a Serbian IP address, asking: Can you host this script.....http://...... and then giving a url in wordpress format. The likelihood is that clicking on that link would take me to a page that would harvest where the visitor (me) came from, revealing my changed administration folder address. BEWARE! Si Edited October 26, 2013 by Si 0 Quote Link to comment Share on other sites More sharing options...
Si Posted October 26, 2013 Author Share Posted October 26, 2013 (edited) Just did a search on the forums here for the user's IP just to see if it appeared here, and voila, it did. On this thread: http://forum.whmcs.com/showthread.php?80423 While I know most of you here wouldn't click on these links, can you be sure your staff would be that aware? Block the IP's listed on that thread above and make your staff aware of the strategies being used. Edited October 26, 2013 by Si 0 Quote Link to comment Share on other sites More sharing options...
John R Posted December 23, 2013 Share Posted December 23, 2013 That's the part that concerns me the most. I know I would never click on anything like that having experienced this sort of thing before, but my staff just might and there is nothing I can do to stop it since I am not in their heads 24/7. 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.