Welcome to Geeklog, Anonymous Saturday, April 20 2024 @ 01:51 am EDT
Geeklog Forums
lOdd visitors poking around in a Geeklog site
I've got a Geeklog site set up for my son's soccer team. It gets about 10,000 page hits a month from around 1,000 unique visitors. (The unique visitors total is inflated by the high number of AOL visitors the site gets.)
Most of these are people looking for the real Barcelona soccer team, not my kid's team. So generally you get two or three pages per visitor. But occasionally, I get someone from out of town who shows an unusual interest.
Today, for instance someone at IP address 211.152.14.97 (China Channel Internet Service Inc, Shenzhen,China) arrived from (referrer) www.globul.bg (Cosmo Bulgaria Mobile, Sofia, Bulgaria).
The visitor browsed around for 121 page views. But this wasn't our usual browser who tooks around at the photos of the kids playing and leaves.
Without logging in (an anonymous visitor) the visitor was able to access (or at least attempted to access) such pages as:
/submit.php?type=story&topic=general
/submit.php?type=link
There are no "Write an article" or "Submit a link" links visible on the site.
/usersettings.php?mode=preference
Again while an anonymous visitor.
I'm curious what others think was going on.
I assume this was someone testing for vulnerabilities, but it would have to be a specifically interested in and knowlegdeable about Geeklog.
Most of these are people looking for the real Barcelona soccer team, not my kid's team. So generally you get two or three pages per visitor. But occasionally, I get someone from out of town who shows an unusual interest.
Today, for instance someone at IP address 211.152.14.97 (China Channel Internet Service Inc, Shenzhen,China) arrived from (referrer) www.globul.bg (Cosmo Bulgaria Mobile, Sofia, Bulgaria).
The visitor browsed around for 121 page views. But this wasn't our usual browser who tooks around at the photos of the kids playing and leaves.
Without logging in (an anonymous visitor) the visitor was able to access (or at least attempted to access) such pages as:
/submit.php?type=story&topic=general
/submit.php?type=link
There are no "Write an article" or "Submit a link" links visible on the site.
/usersettings.php?mode=preference
Again while an anonymous visitor.
I'm curious what others think was going on.
I assume this was someone testing for vulnerabilities, but it would have to be a specifically interested in and knowlegdeable about Geeklog.
3
2
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Well, that's to be expected, Geeklog being open source and all ...
Besides, the examples you're giving are harmless. Someone figured out that you were hiding some links and tried out what happens when they call them. Anyone can figure these links out by comparing a default install of Geeklog with your site.
If you don't want anyonmous users to submit stories, then a) switch on the submission queue (which is on by default anyway) and b) set $_CONF['submitloginrequired'] = 1; in config.php
For the real fun, check your error.log some time ...
bye, Dirk
Besides, the examples you're giving are harmless. Someone figured out that you were hiding some links and tried out what happens when they call them. Anyone can figure these links out by comparing a default install of Geeklog with your site.
If you don't want anyonmous users to submit stories, then a) switch on the submission queue (which is on by default anyway) and b) set $_CONF['submitloginrequired'] = 1; in config.php
For the real fun, check your error.log some time ...
bye, Dirk
3
2
Quote
All times are EDT. The time is now 01:51 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content