Dozy PHP hackers

One of the things I enjoy is reading the log of all 404 errors this site generates when people follow a bad link, mistype a URL, or deliberately try and find holes in the site so that they can hack it.

Long ago (a good 18 months now), I moved this site from GoDaddy’s shared hosting to Microsoft Azure. At the time, I had two blogs on an older static site and the server-driven one you are reading now. I wanted to properly split them up and secure them via SSL, so I used those 404 logs to work out every redirection of the old site’s addresses (say from Google results) to where they were in the new sites.

The initial reason for the move was because GoDaddy suffered from PHP hacks that would futz with my site and send readers who-knows-where. No matter how I cleaned the hacks up, they’d reappear after a few weeks, and so I just got fed up with GoDaddy’s inattention to the issues and decided go elsewhere. The thing is: the hacks are still happening to other people and I still get comments on that particular blog post.

Back to the 404 redirects log. As I said it’s funny to read them. Sure, I still get myriad script kiddie attempts at finding well-known PHP pages, ad nauseam. A couple of weeks ago, I even had someone checking for the standard <cough> Telerik ASP.NET URLs <cough>, obviously from someone who doesn’t know who I am. But last night, this was the icing on the cake:\think\app/invokefunction&function=call_user_func_array&vars[0]=assert&vars[1][]=phpinfo()

Yep, WTAF is that? Time for a bit of Googling and I find out it’s a remote code execution bug for ThinkPHP, a framework for developing web apps in PHP, used mostly in China.

So, no freaking way am I going to base my non-static sites on PHP. Ever. Nuh-huh.

WrongWayNotAnExit - banner

Loading similar posts...   Loading links to posts on similar topics...

No Responses

Feel free to add a comment...

Leave a response

Note: some MarkDown is allowed, but HTML is not. Expand to show what's available.

  •  Emphasize with italics: surround word with underscores _emphasis_
  •  Emphasize strongly: surround word with double-asterisks **strong**
  •  Link: surround text with square brackets, url with parentheses [text](url)
  •  Inline code: surround text with backticks `IEnumerable`
  •  Unordered list: start each line with an asterisk, space * an item
  •  Ordered list: start each line with a digit, period, space 1. an item
  •  Insert code block: start each line with four spaces
  •  Insert blockquote: start each line with right-angle-bracket, space > Now is the time...
Preview of response