Posted - 12/08/2024 : 05:00:16
Hi, we've evidently recently had a hacker submitting lots of 'Ask a Question' requests with garbage database queries in the text fields. We've now blocked that on IP as well as limiting the max number any individual can submit.
At the same time as noticing that, I see we've got over 1100 bogus affiliates now showing up. I've deleted the lot of them from the Admin.
The question is, how come someone was able to add any affiliates? (Our Admin password is strong - I've just changed it just to be sure - and there are no secondary users defined. No other hacking stuff noticed so far.)
Without looking in the d/b tables, there doesn't seem to be any record of the IP that added each affiliate or any other logging of where/when each one was added. I have blocked the IP of the 'Ask a Question' person and that may get rid of them on this side as well if it is the same culprit. Judging by the way it was all entered, I suspect the same 'person' so maybe the IP block will get rid of them...
Thanks,
Steve.
Pragmasis Limited https://SecurityForBikes.com