Should I be worried? Log activity

Discussion regarding Joomla! 1.5 security issues.
Joomla! Vulnerable Extensions: http://feeds.joomla.org/JoomlaSecurityV ... Extensions

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Locked
user11
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Tue Jul 19, 2016 4:58 pm

Should I be worried? Log activity

Post by user11 » Mon Aug 29, 2016 1:14 pm

Recently, I noticed some unusual activity in my logs, most of which got 404 message. But long story short, this is the only one that got 200
"POST /libraries/joomla/user/user.php HTTP/1.0" 200 0 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) U2/1.0.0 UCBrowser/9.3.1.344"
Ip is from GoDaddy ISP. I banned the ip but was wondering whether or not I should unblock it because I do have the domain registered there.

Is this a normal activity or not?

Thanks for your replies in advance.

tonypartridge
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 138
Joined: Sat Sep 03, 2016 7:37 am

Re: Should I be worried? Log activity

Post by tonypartridge » Thu Sep 08, 2016 11:09 pm

Hello,

A bot is likely testing for an exploit. Just make sure your site is up to date and ideally secured with akeeba admin tools or RS firewall.

Many thanks
Tony

User avatar
brian
Joomla! Master
Joomla! Master
Posts: 12781
Joined: Fri Aug 12, 2005 7:19 am
Location: Leeds, UK
Contact:

Re: Should I be worried? Log activity

Post by brian » Fri Sep 09, 2016 8:06 pm

As you are posting in the Joomla 1.5 forum then yes you should be worried.
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/


Locked

Return to “Security in Joomla! 1.5”