I launched a new website a few days ago. It’s a new CMS on a new web hosting account. Hackers seem to know it’s new. 5 days after launching the site, I see a lot of poking around in the file system when I review the 404 report. This hacker was looking for archives used in the site transfer. Very clever. That archive would have the database password in it, in a config file. With the DB password you could hijack the site.
The 404 log listing below was scrubbed. I replaced the actual domain name with “sitename”. This domain is on the “.ORG” TLD.
Pro Tip: Password-protect or remove all site archive files ASAP.
3:36 AM | /www_sitename_org.zip | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /www_sitename_org.tar.gz | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /www_sitename_org.rar | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /www_sitename_org.mdb | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitename_org.zip | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitename_org.tar.gz | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitename_org.rar | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitename_org.mdb | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitenameorg.zip | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitenameorg.tar.gz | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitenameorg.rar | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitenameorg.mdb | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitename.org.zip | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitename.org.tar.gz | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitename.org.rar | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /sitename.org.mdb | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:36 AM | /wwwsitenameorg.zip | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:35 AM | /wwwsitenameorg.tar.gz | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:35 AM | /wwwsitenameorg.rar | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:35 AM | /wwwsitenameorg.mdb | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:35 AM | /sitename.zip | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
3:35 AM | /sitename.tar.gz | Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) |
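
To flag this pattern in a 404 report automatically, here is a detection sketch added as an example (it is not from the original post). It assumes the pipe-delimited layout shown above and the placeholder domain sitename.org; the extension list beyond the four types in the log and the threshold of 5 are assumptions.

```python
import re
from collections import Counter

# Extensions from the probe above plus other common dump types (assumption).
BACKUP_EXT = (".tar.gz", ".tgz", ".zip", ".rar", ".7z", ".mdb", ".sql", ".bak")

def hostname_stems(domain):
    """Separator-free name variants a scanner can derive from the domain."""
    labels = [l for l in domain.lower().split(".") if l != "www"]
    name, full = labels[0], "".join(labels)
    return {name, full, "www" + name, "www" + full}

def split_backup_name(path):
    """Return (stem, ext) when the file name ends in a backup extension."""
    fname = path.rsplit("/", 1)[-1].lower()
    for ext in BACKUP_EXT:
        if fname.endswith(ext):
            return fname[:-len(ext)], ext
    return None

def find_backup_probes(log_lines, domain):
    """Pick out 404 entries whose file name is the hostname plus an archive type."""
    stems, hits = hostname_stems(domain), []
    for line in log_lines:
        fields = [f.strip() for f in line.split("|")]
        if len(fields) < 3:
            continue
        when, path, agent = fields[:3]
        parsed = split_backup_name(path)
        # www_sitename_org and sitename.org both collapse to one stem
        if parsed and re.sub(r"[._-]", "", parsed[0]) in stems:
            hits.append((when, path, agent))
    return hits

def is_sweep(hits, threshold=5):
    """True when one user agent made at least `threshold` such guesses."""
    counts = Counter(agent for _, _, agent in hits)
    return any(n >= threshold for n in counts.values())

# Constructed sample in the post's "time | path | user agent |" layout.
UA = "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
SAMPLE = [f"3:36 AM | {p} | {UA} |" for p in (
    "/www_sitename_org.zip", "/sitename.org.tar.gz", "/sitenameorg.rar",
    "/wwwsitenameorg.mdb", "/sitename.zip", "/favicon.ico",
    "/downloads/report.zip")]

if __name__ == "__main__":
    probes = find_backup_probes(SAMPLE, "sitename.org")
    for when, path, _ in probes:
        print(when, path)
    print("sweep detected:", is_sweep(probes))
```

Ordinary 404s such as a missing favicon or an unrelated download are ignored; only file names built from the hostname count toward the sweep threshold.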