Author Topic: Attack on virtuemart 1.1.3  (Read 4001 times)

vmprimo

  • Beginner
  • *
  • Posts: 3
Attack on virtuemart 1.1.3
« on: May 19, 2009, 14:44:29 pm »
Hello!

Please check the attached log and see the types of attacks.

I look forward solutions to prevent or stop such an attack.

Good job.

[attachment deleted by admin]

jenkinhill

  • UK Web Developer & Consultant
  • Global Moderator
  • Super Hero
  • *
  • Posts: 27605
  • Always on vacation
    • Jenkin Hill Internet
Re: Attack on virtuemart 1.1.3
« Reply #1 on: May 19, 2009, 16:18:29 pm »
A quick check on the IP addresses of the "attackers" shows them to be known referrer link spammers. Deny those IPs using .htaccess

I assume you are using Joomla! 1.5.10 with VirtueMart 1.1.3

Good advice on security is on http://docs.joomla.org/Category:Security_Checklist

Also see http://community.joomla.org/blogs/leadership/523-take-the-easy-way-out-just-blame-joomla.html

Kelvyn

Jenkin Hill Internet,
Lowestoft, Suffolk, UK

Unsolicited PMs/emails will be ignored.

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

Currently using VM 3.6.10.10211 on Joomla 3.9.13 PHP 7.0.33

vmprimo

  • Beginner
  • *
  • Posts: 3
Re: Attack on virtuemart 1.1.3
« Reply #2 on: May 19, 2009, 17:01:39 pm »
Ok Thanks.

The list of blocked ips are:

66.249.67.9
207.44.232.81
218.246.20.221
202.53.250.22
124.0.73.2
72.3.226.56
91.121.210.42

Another question:
The next version will be fixes to block this type of attack?
It is almost impossible to block all ips used in attack, as they share with other facilities.

jenkinhill

  • UK Web Developer & Consultant
  • Global Moderator
  • Super Hero
  • *
  • Posts: 27605
  • Always on vacation
    • Jenkin Hill Internet
Re: Attack on virtuemart 1.1.3
« Reply #3 on: May 19, 2009, 17:30:26 pm »
I'm afraid there will always be script kiddies out there spamming server access logs and also probing at breaking into a site. Blocking them has to be at server level, unrelated to Joomla! or VirtueMart. I know of at least 3 people who have blocked all Chinese & Russian IP addresses with .htaccess - and those files are really huge.

All you can realistically do is keep up to date with latest versions of Joomla!, VirtueMart and any other componenet you may have installed.
Kelvyn

Jenkin Hill Internet,
Lowestoft, Suffolk, UK

Unsolicited PMs/emails will be ignored.

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

Currently using VM 3.6.10.10211 on Joomla 3.9.13 PHP 7.0.33

vmprimo

  • Beginner
  • *
  • Posts: 3
Re: Attack on virtuemart 1.1.3
« Reply #4 on: May 19, 2009, 17:40:55 pm »
Hello Kelvyn.

I thank you for your attention in the responses.

Thank you very much.

vjtemplates

  • 3rd party VirtueMart Developer
  • Jr. Member
  • *
  • Posts: 262
    • VJ Templates
Re: Attack on virtuemart 1.1.3
« Reply #5 on: May 24, 2009, 20:03:35 pm »

The list of blocked ips are:

66.249.67.9 -> Googlebot, you may not want to block this one.
207.44.232.81
218.246.20.221
202.53.250.22
124.0.73.2
72.3.226.56
91.121.210.42

66.249.67.9 -> Googlebot, you may not wanna block this one.
VirtueMart Templates

http://www.vjtemplates.com