Should I be worried? Log activity

Discussion regarding Joomla! 1.5 security issues.
Joomla! Vulnerable Extensions: http://feeds.joomla.org/JoomlaSecurityV ... Extensions
Locked
user11
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Tue Jul 19, 2016 4:58 pm

Should I be worried? Log activity

Post by user11 » Mon Aug 29, 2016 1:14 pm

Recently, I noticed some unusual activity in my logs, most of which got 404 message. But long story short, this is the only one that got 200
"POST /libraries/joomla/user/user.php HTTP/1.0" 200 0 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) U2/1.0.0 UCBrowser/9.3.1.344"
Ip is from GoDaddy ISP. I banned the ip but was wondering whether or not I should unblock it because I do have the domain registered there.

Is this a normal activity or not?

Thanks for your replies in advance.

tonypartridge
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 138
Joined: Sat Sep 03, 2016 7:37 am

Re: Should I be worried? Log activity

Post by tonypartridge » Thu Sep 08, 2016 11:09 pm

Hello,

A bot is likely testing for an exploit. Just make sure your site is up to date and ideally secured with akeeba admin tools or RS firewall.

Many thanks
Tony

User avatar
brian
Joomla! Master
Joomla! Master
Posts: 11984
Joined: Fri Aug 12, 2005 7:19 am
Location: Leeds, UK
Contact:

Re: Should I be worried? Log activity

Post by brian » Fri Sep 09, 2016 8:06 pm

As you are posting in the Joomla 1.5 forum then yes you should be worried.
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/


Locked

Return to “Security in Joomla! 1.5”