random pages are giving 404 errors is this a hack

  • Hi Im getting a lot of 404’s error from a program i have set up on my website.
    this 404 errors are not because my site is broken, none of the pages being looked for are ones i have.

    im being hit with page names like, /wp-config.php.orig or /wp-config.php.bak or /wp-config.php~ or /th1s_1s_a_4o4.html

    im getting worried and fear im being hacked?
    I have the ip’s here are a few of the main ones
    184.154.139.25
    157.55.39.12
    69.175.118.170
    195.154.199.125

    what can i do, is this a hack and what plugin shall i use to stop this please

    im using ipage as a server for my wordpress site

    Thanks in advance

Viewing 3 replies - 1 through 3 (of 3 total)

  • You can use WORDFENCE or ITHEMES SECURITY and blacklist all those IP.
    And then you can scan your site if there is any malware in it.

    If your host is using Apache as a web server, you could also deny those IPs through an .htaccess file placed at the root of your wordpress directory.

    Moderator bcworkz

    (@bcworkz)

    These are probes for security vulnerabilities. As long as you don’t have such files there is nothing to worry about. If it makes you feel better you can add more security, but these sort of probes happen all the time, normally to no avail. Chasing after the latest abusing IP is waste of time unless the IP is a source of extremely heavy traffic. The IPs will keep changing.

    This particular probe is sort of clever. Your server normally protects you by not sending raw .php files, .php files always have the contained code processed, so the DB credentials in wp-config.php are never visible to visitors. Once someone innocently adds another extension the file is no longer protected and the credentials can be seen if someone requests the right file.

    This illustrates why no one should ever leave old backup files on publicly accessible server space. Organizations where others might do such a thing may be well served to add .htaccess rules denying access to extensions like .orig, .bak, .old, etc.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘random pages are giving 404 errors is this a hack’ is closed to new replies.

Tags