#19034 DFI/CSRF - a large increase in Security exceptions/Automatic IP blocking

Posted in ‘Admin Tools for Joomla! 4 & 5’

Latest post by dlb on Thursday, 06 February 2014 08:23 CST

user71441
Hi,

In the last 30 days there is a big increase in Security exceptions/Automatic IP blocking: DFIshield / CSRFshield. Those are NOT IP addresses of search bots and crawlers.

Sometimes there are more than 15 emails in one day about DFIshield & CSRFshield (Security exceptions/Automatic IP blocking).

Does this mean that my website is vulnerable because there are so many DFI attacks (so many attempts of file inclusion)? Or does it mean something else?

Thanks!

dlb
Statistically speaking, an increase in attacks would indicate an increase in risk to the site. But at this point it sounds like your security software is up to the task.

You are a version back on Joomla! I don't recall what was in the change log of the 2.5.17 update, but they usually contain some bug fixes, etc. That could be one potential attack vector that you could plug.

We've had several reports of increased hacking attacks lately. One user was getting a hundred emails a minute. Luckily that attack didn't last too long. (Because at that level of activity the host will shut the site down pretty quickly.)


Dale L. Brackin
Support Specialist


English: native

Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

My time zone is EST (UTC -5) (Philadelphia, PA)

user71441
Thank you Dale, it is 2.5.17 now (for some reason, in the administration panel there was no notification about the new update to 2.5.17 and I had to update it manually... but now everything is updated).

Yes, there is an increase probably because my site is vulnerable to file inclusion somewhere, and there are those who know that but ATPro is doing its job for now.

I'll block (blacklist) all those IP addresses from which there were file inclusion attempts (and there are many of these addresses :) ).

Sorry for my bad English, thank you again.

dlb
Enable the plugin Quick Icon - Joomla Update Notification to get your notifications back.

Hackers don't use their own IP addresses. If you use the blacklist function, sooner or later you are going to block a real client's address. Admin Tools' auto-ban feature works well in this situation. If a security exception happens X times within Y minutes that IP is blocked for Z minutes/hours/days, then is automatically cleared. You get to set up the values for X, Y and Z to fit your own preferences.



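The X-times-within-Y-minutes, blocked-for-Z rule described in the reply above, as an added example (not part of the original ticket and not Admin Tools' own code). The class and function names, the thresholds and the sample events are assumptions constructed for illustration; unlike a permanent blacklist, the ban clears itself once Z has elapsed.

```python
from collections import defaultdict, deque

class AutoBan:
    """Temporary ban: X exceptions within Y seconds blocks an IP for Z seconds."""

    def __init__(self, max_hits, window, ban_time):
        self.max_hits, self.window, self.ban_time = max_hits, window, ban_time
        self.hits = defaultdict(deque)   # ip -> timestamps of recent exceptions
        self.banned_until = {}           # ip -> time at which the ban expires

    def is_blocked(self, ip, now):
        expiry = self.banned_until.get(ip)
        if expiry is None:
            return False
        if now >= expiry:                # ban elapsed: clear it automatically
            del self.banned_until[ip]
            return False
        return True

    def record_exception(self, ip, now):
        """Register one security exception; return True if the IP is banned."""
        if self.is_blocked(ip, now):
            return True
        q = self.hits[ip]
        q.append(now)
        while q and now - q[0] > self.window:   # drop hits outside the window
            q.popleft()
        if len(q) >= self.max_hits:
            self.banned_until[ip] = now + self.ban_time
            q.clear()
            return True
        return False

def replay(events, max_hits=3, window=60, ban_time=600):
    """Replay (timestamp, ip, reason) events and return the ban decisions."""
    guard = AutoBan(max_hits, window, ban_time)
    return [(ts, ip, guard.record_exception(ip, ts)) for ts, ip, _ in events]

# Constructed sample events (documentation IP ranges), times in seconds.
SAMPLE_EVENTS = [
    (0, "203.0.113.7", "DFIshield"),
    (20, "203.0.113.7", "CSRFshield"),
    (25, "198.51.100.4", "DFIshield"),   # single stray exception: never banned
    (45, "203.0.113.7", "DFIshield"),    # third hit inside 60 s: banned
    (100, "203.0.113.7", "DFIshield"),   # still inside the ban period
    (700, "203.0.113.7", "DFIshield"),   # ban expired at 645 s: counted afresh
]

if __name__ == "__main__":
    for ts, ip, banned in replay(SAMPLE_EVENTS):
        print(f"t={ts:>4}s {ip:<13} banned={banned}")
```
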
user71441
Ok, thank you very much Dale!

dlb
You are welcome!


