I was reviewing my Apache server logs this morning — something I do just about daily now — and noticed an interesting series of 404’s:
/wp-content/plugins/BackUp/Archive.php: 1 Time(s)
/wp-content/plugins/BackUp/Archive/Predicate.php: 1 Time(s)
/wp-content/plugins/BackUp/Archive/Reader.php: 1 Time(s)
/wp-content/plugins/BackUp/Archive/Writer.php: 1 Time(s)
/wp-content/plugins/Enigma2.php: 1 Time(s)
/wp-content/plugins/fgallery/fim_rss.php: 1 Time(s)
/wp-content/plugins/myflash/myflash-button.php: 1 Time(s)
/wp-content/plugins/mygallery/myfunctions/ … lerybrowser.php: 1 Time(s)
/wp-content/plugins/sniplets/modules/execute.php: 1 Time(s)
/wp-content/plugins/sniplets/modules/syntax_highlight.php: 1 Time(s)
/wp-content/plugins/st_newsletter/shiftthis-preview.php: 1 Time(s)
/wp-content/plugins/st_newsletter/stnl_iframe.php: 1 Time(s)
/wp-content/plugins/wassup/spy.php: 1 Time(s)
/wp-content/plugins/wordspew/wordspew-rss.php: 1 Time(s)
/wp-content/plugins/wordtube/wordtube-button.php: 1 Time(s)
/wp-content/plugins/wp-adserve/adclick.php: 1 Time(s)
/wp-content/plugins/wp-cal/functions/editevent.php: 1 Time(s)
/wp-content/plugins/wp-download/wp-download.php: 1 Time(s)
/wp-content/plugins/wp-filemanager/ajaxfil … filemanager.php: 1 Time(s)
/wp-content/plugins/wp-shopping-cart/image_processing.php: 1 Time(s)
/wp-content/plugins/wp-table/js/wptable-button.phpp: 1 Time(s)
/wp-content/plugins/wpSS/ss_load.php: 1 Time(s)
Looks like the script kiddies are targeting known WordPress plugin vulnerabilities these days. Now that I’ve seen those in my 404 report I’ll have to go look at raw logs to ensure there weren’t any successes (HTTP 200) in that run! That would be embarrassing…
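The raw-log check described above, as an added example that is not part of the original post: it flags any plugin request that did not return 404 when it came from a host that also produced a burst of plugin 404s. It assumes Apache's common/combined log format; the function name `probe_hits`, the threshold of three misses, and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Apache common/combined format:
# host ident user [time] "METHOD path PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
PLUGIN_PREFIX = "/wp-content/plugins/"

def probe_hits(lines, min_probes=3):
    """Return {host: [(status, path), ...]} for plugin requests that did NOT
    404, limited to hosts that also caused >= min_probes plugin 404s."""
    misses = defaultdict(int)    # plugin 404s per host (the probe signature)
    others = defaultdict(list)   # every non-404 plugin response per host
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not m["path"].lower().startswith(PLUGIN_PREFIX):
            continue
        if m["status"] == "404":
            misses[m["host"]] += 1
        else:
            others[m["host"]].append((int(m["status"]), m["path"]))
    # A normal visitor loading plugin assets has no 404 burst and is dropped.
    return {h: hits for h, hits in others.items() if misses[h] >= min_probes}

# Constructed sample lines (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2009:06:12:01 +0000] "GET /wp-content/plugins/Enigma2.php HTTP/1.1" 404 210 "-" "-"
192.0.2.10 - - [01/Jan/2009:06:12:01 +0000] "GET /wp-content/plugins/wassup/spy.php HTTP/1.1" 404 210 "-" "-"
192.0.2.10 - - [01/Jan/2009:06:12:02 +0000] "GET /wp-content/plugins/wpSS/ss_load.php HTTP/1.1" 404 210 "-" "-"
192.0.2.10 - - [01/Jan/2009:06:12:02 +0000] "GET /wp-content/plugins/wp-download/wp-download.php HTTP/1.1" 200 5120 "-" "-"
198.51.100.7 - - [01/Jan/2009:09:30:00 +0000] "GET /wp-content/plugins/example-plugin/style.css HTTP/1.1" 200 812 "-" "Mozilla/5.0"
""".splitlines()

if __name__ == "__main__":
    for host, hits in probe_hits(SAMPLE_LOG).items():
        for status, path in hits:
            print(f"REVIEW {host} got {status} for {path}")
```

Any status other than 404 is reported, not just 200, because a 403, 500 or redirect on a probed path still means the file exists and deserves a look.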
Yet another excuse for me to say:
Keep your CMS or Blog software and add-ons current!
Current versions of WordPress will now notify you when they need to be updated and, in most cases, do that update with just one click of a button. If you get your plugins from the WP Plugin Directory you’ll get notified of updates for those too. If your plugins didn’t come from the directory, make a point of periodically (and frequently) checking the author’s site to ensure you’re current.
If you’re not using WordPress, find out how your CMS software notifies users of updates and get on the mailing list or follow the RSS feed. Whatever it takes, but be sure you’re in the loop. Same for any add-ons, extensions or whatever they might be called. As you can see above, the probe wasn’t for WordPress, it was for plugins… keeping the core software up to date but not maintaining extensions negates the entire effort.