Quote:A 'page not found' error was encountered on the www.wantsfly.com domain
DETAILS:
----------------------------------------------------------------------
When: Tue Feb 23 2010 3:23:57 pm EST
Who: 61.183.15.9
Failed Page: http://www.wantsfly.comhttp://www.wantsfly.com/prx2.php
I keep getting these notices, my domain is not wantsfly.com, I do not understand why I keep getting this.
Where are you getting these notices and how are they caused?
What actions are you doing to cause the error?
Are you hosted on the same server?
I figured it was some type of hacker. Strange thing is that it wasn't even using my domain.
I have seen others that are looking at non-existent files/folders on my server. One noticeable one was setup.php within the phpmyadmin folder (which isnt setup...YET).
Looks like a proxy server or a translation service esp if its from china
Ignore thay last comment. Looks like a well known vuln scanner. Do a search for prx2.php in google. This guy is well known...
so what can be done? can I set a deny object in the .htaccess file to deny other countries besides the USA? I could input the IP of each failed attempt, but that would get annoying.
Have your host add a deny to it's ip_tables file.
Give them the domain name and ip address of the attacking site.
For now, I added the few IPs that I 'caught' into the firewall (iptables) of my NAS.
I found this site that might work for blocking whole countries.
http://ipinfodb.com/ip_country_block.php
If I continue to get these hack attempts I will add all of those IP ranges.