How can I block specific hacker activity?
(Blocking probes for old, already-fixed vulnerabilities saves server CPU power, since the probe is blocked before the server has to process the whole page's content.)

NOTE: This is only suitable for Apache webservers. If you're stuck using IIS, contact your hosting company for the appropriate approach.

    # redirects any URL that includes: record_company.php/password_forgotten.php
    # (file names are written literally, with dots escaped, so only these exact names match)
    RedirectMatch Permanent ^/(.*record_company\.php)/(password_forgotten\.php)$ /page_not_found.php

    # redirects any URL that includes: /images/wp- with 'wp-' being anything that ends with '.php'
    # this allows for images named such as 'wp-header.jpg' to work
    RedirectMatch Permanent ^/(.*images)/(wp-.*\.php)$ /page_not_found.php

NOTE: If your store's files are located in another folder, add that folder to the /page_not_found.php path (in both places).

Additionally, if you're using Zen Cart v1.3.0 through v1.3.8a, you might also consider this method of blocking some other script-kiddie attacks that waste server resources: http://tutorials.zen-cart.com/index.php?article=320
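Added example (not part of the original article): an offline check of RedirectMatch patterns for these two probes before deploying them. It compares writing the path segment literally against writing it inside square brackets, which a regex engine reads as a set of characters. The sample URL paths are constructed, the `admin` and `store` folder names are assumptions, and Python's `re` module stands in for Apache's regex engine.

```python
import re

# Path segments written literally: dots escaped, no character classes.
LITERAL = [
    re.compile(r"^/(.*record_company\.php)/(password_forgotten\.php)$"),
    re.compile(r"^/(.*images)/(wp-.*\.php)$"),
]
# Same rules with the segment inside [...]: this matches any run of those
# characters, not the word itself.
BRACKETED = [
    re.compile(r"^/(.*[record_company.php]+)/(password_forgotten.php)$"),
    re.compile(r"^/(.*[images]+)/(wp-.*\.php)$"),
]

# Constructed URL paths: (path, should_be_blocked)
SAMPLES = [
    ("/admin/record_company.php/password_forgotten.php", True),
    ("/store/admin/record_company.php/password_forgotten.php", True),
    ("/images/wp-login.php", True),
    ("/store/images/wp-config.php", True),
    ("/images/wp-header.jpg", False),          # legitimate image
    ("/admin/password_forgotten.php", False),  # legitimate admin page
    ("/includes/wp-test.php", False),          # outside /images/
    ("/index.php", False),
]

def is_blocked(path, rules):
    """RedirectMatch tests the regex against the URL path (no query string)."""
    return any(rule.search(path) for rule in rules)

def misclassified(rules):
    """Return the sample paths whose block/allow result differs from the intent."""
    return [p for p, want in SAMPLES if is_blocked(p, rules) != want]

if __name__ == "__main__":
    for name, rules in (("literal", LITERAL), ("bracketed", BRACKETED)):
        print(name, "misclassified:", misclassified(rules))
```

Extend `SAMPLES` with real paths from your own store (including any subfolder prefix) and confirm the list of misclassified paths is empty before putting the rules live.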
Copyright © 2003 - 2009 Zen Ventures, LLC


