Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

Strange URL from online visitor
 
Vicky P
Sr. Member
 
Total Posts:  93
Joined:  2008-02-27
Devon, UK
 

I was just checking if I had any online visitors and I noticed that the url visited by one user was:

http://www.mydomain.com/MSOffice/cltreq.asp?UL=1&ACT;=4&BUILD;=8164&STRMVER;=4&CAPREQ;=0

Looks very odd, particularly as it’s ASP and Magento runs on a Unix/PHP environment. Is this something to worry about?

 
Magento Community Magento Community
Magento Community
Magento Community
 
J_T_
Moderator
 
Avatar
Total Posts:  1961
Joined:  2008-08-07
London-ish, UK
 

Yes and no.

Read up on vulnerability probing. It’s assholes who scan every site for known script holes. As Magento doesn’t give back a proper 404, you may now be in the queue for some more visits from this automated system.

It’s no worry in terms of Magento, but a sustained scan can bring your site down or worse, if they actually find you use that script, they may seek to exploit it.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Vicky P
Sr. Member
 
Total Posts:  93
Joined:  2008-02-27
Devon, UK
 

Thanks for replying.  I’ll keep an eye on things and see if they come back.

Vicky

 
Magento Community Magento Community
Magento Community
Magento Community
 
Dannyz1984
Sr. Member
 
Avatar
Total Posts:  153
Joined:  2009-04-12
 

script scanners.

they are common

i used to get them at my site all the time back when mysql injections were popular

you cant stop them because they would always come from all parts of the world at different times…

you cant do anything about exploits unless something happens already.  sucks but thats life.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top