I have a affiliate website. I am monitoring which websites are user visiting. For the first time I have noticed a user is visiting following url in my websites which I guess is some kind of hacking attempt. I need help. Constantly my website is performing poor. Sometimes it opens longer than normal time. Sometimes table appears blank. Sometime Cron jobs fail to execute. Following are the few urls visited by a user repetitively.
http://www.domain-example.com/product.php?category=study-materials&id=SHOEMHMZH8HPAX4H%22%20or%20(1,2)=(select*from(select%20name_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const(CHAR(111,108,111,108,111,115,104,101,114),1))a)%20--%20%22x%22=%22x
Another url visited by user:
http://www.domain-example.com/product.php?category=video-albums&id=SHOEMHMZH8HPAX4H%20or%20(1,2)=(select*from(select%20name_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const(CHAR(111,108,111,108,111,115,104,101,114),1))a)%20--%20and%201%3D1
There are lots more such url. I am totally confused and bit scared too. What it is exactly and what the user trying to do with such url. How can I prevent from such actions?
(Note: the main domain name of my site is different. I am scared so changed the domain name only)
Please guide me in as much details as possible.
Since morning the user has been visiting from different ip addresses and his or her visited urls looks like same as I have mentioned.
Aucun commentaire:
Enregistrer un commentaire