[Modsecurity] Getthing hit be sql injection attacks
admin at efastservers.com
admin at efastservers.com
Thu Aug 9 02:13:49 EDT 2007
One of my sites is getting hit hard by thousands of attempted sql injection
attacks.
72.208.177.18 - - [09/Aug/2007:01:59:03 -0400] "GET
/images/Web-Directory_12.gif HTTP/1.1" 200 562
"http://www.mydomain.com/directory.php?ax=list&sub=1&cat_id=-1/**/UNION/**/S
ELECT/**/1,2,3,4,concat(0x2D2D3E,email,0x3a,password),6,7,8,9,10,0x223E3C212
D2D,12,13/**/from/**/links/*" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"
Although they only succeeded once, im desperate for a rule to kick a 403
back.
Anyone know what they are trying to do?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.gotroot.com/pipermail/modsecurity/attachments/20070809/e447fa4a/attachment.html
More information about the Modsecurity
mailing list