Welcome to Geeklog, Anonymous Monday, November 28 2022 @ 07:33 am EST

Geeklog Forums

lOdd visitors poking around in a Geeklog site


Status: offline

jlhughes

Forum User
Full Member
Registered: 04/25/02
Posts: 154
worried
I've got a Geeklog site set up for my son's soccer team. It gets about 10,000 page hits a month from around 1,000 unique visitors. (The unique visitors total is inflated by the high number of AOL visitors the site gets.)

Most of these are people looking for the real Barcelona soccer team, not my kid's team. So generally you get two or three pages per visitor. But occasionally, I get someone from out of town who shows an unusual interest.

Today, for instance someone at IP address 211.152.14.97 (China Channel Internet Service Inc, Shenzhen,China) arrived from (referrer) www.globul.bg (Cosmo Bulgaria Mobile, Sofia, Bulgaria).

The visitor browsed around for 121 page views. But this wasn't our usual browser who tooks around at the photos of the kids playing and leaves.

Without logging in (an anonymous visitor) the visitor was able to access (or at least attempted to access) such pages as:

/submit.php?type=story&topic=general

/submit.php?type=link

There are no "Write an article" or "Submit a link" links visible on the site.

/usersettings.php?mode=preference

Again while an anonymous visitor.

I'm curious what others think was going on.

I assume this was someone testing for vulnerabilities, but it would have to be a specifically interested in and knowlegdeable about Geeklog.
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Well, that's to be expected, Geeklog being open source and all ...

Besides, the examples you're giving are harmless. Someone figured out that you were hiding some links and tried out what happens when they call them. Anyone can figure these links out by comparing a default install of Geeklog with your site.

If you don't want anyonmous users to submit stories, then a) switch on the submission queue (which is on by default anyway) and b) set $_CONF['submitloginrequired'] = 1; in config.php

For the real fun, check your error.log some time ...

bye, Dirk
 Quote

All times are EST. The time is now 07:33 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content