Hello,everyone!
I read my apache access log from time to time and discovered these this morning:
Quote:
118.123.240.176 - - [30/Mar/2012:04:22:34 +0800] "GET /w00tw00t.at.blackhats.romanian.anti-sec HTTP/1.1" 401 401 "-" "ZmEu"
118.123.240.176 - - [30/Mar/2012:04:22:34 +0800] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 401 401 "-" "ZmEu"
118.123.240.176 - - [30/Mar/2012:04:22:34 +0800] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 401 401 "-" "ZmEu"
118.123.240.176 - - [30/Mar/2012:04:22:34 +0800] "GET /pma/scripts/setup.php HTTP/1.1" 401 401 "-" "ZmEu"
118.123.240.176 - - [30/Mar/2012:04:22:35 +0800] "GET /myadmin/scripts/setup.php HTTP/1.1" 401 401 "-" "ZmEu"
118.123.240.176 - - [30/Mar/2012:04:22:35 +0800] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 401 401 "-" "ZmEu"
|
I guess,this robot or any crap like that wanted to guess whether I have phpmyadmin in my web root.Except blocking this ip,is there any method which I can do to prevent any further attack?
Please drop me a line if you have any ideas.