Mandatory information about my setup:
Have I read the related troubleshooter articles above before posting (which pages?)? Yes
Have I searched the tickets before posting? Yes
Have I read the documentation before posting (which pages?)? Yes
Joomla! version: 2.5
PHP version: 5
MySQL version: (unknown)
Host: (optional, but it helps us help you)
Admin Tools version: Latest
Description of my issue:
Hi for the last six months I have been attacked by the following range of IP's 150.70.*.* from Japan. I have just updated a website to Joomla 2.5 and the first thing I do is install Admin Tools. Within minutes I was seeing the following entries in security exceptions log:
http://domain/administrator/index.php?option=com_admintools&view=logs
http://domain/administrator/index.php?option=com_admintools&view=ipautobans
http://domain/administrator/index.php?option=com_admintools&view=ipbls&task=add
http://domain/administrator/index.php?option=com_login&task=logout&f95034e145e48ec4f2c0654ec2ea54bd=1
http://domain/administrator/index.php?option=com_installer&view=update&task=update.ajax
I am right in thinking this an automated attack as it always seems start within minuets.
They know I am using Admin Tools but do not know the secret work for backend access so what exactly are they trying to do here?
Thanks
John
Have I read the related troubleshooter articles above before posting (which pages?)? Yes
Have I searched the tickets before posting? Yes
Have I read the documentation before posting (which pages?)? Yes
Joomla! version: 2.5
PHP version: 5
MySQL version: (unknown)
Host: (optional, but it helps us help you)
Admin Tools version: Latest
Description of my issue:
Hi for the last six months I have been attacked by the following range of IP's 150.70.*.* from Japan. I have just updated a website to Joomla 2.5 and the first thing I do is install Admin Tools. Within minutes I was seeing the following entries in security exceptions log:
http://domain/administrator/index.php?option=com_admintools&view=logs
http://domain/administrator/index.php?option=com_admintools&view=ipautobans
http://domain/administrator/index.php?option=com_admintools&view=ipbls&task=add
http://domain/administrator/index.php?option=com_login&task=logout&f95034e145e48ec4f2c0654ec2ea54bd=1
http://domain/administrator/index.php?option=com_installer&view=update&task=update.ajax
I am right in thinking this an automated attack as it always seems start within minuets.
They know I am using Admin Tools but do not know the secret work for backend access so what exactly are they trying to do here?
Thanks
John
