Home > apache 2.2 > What is idea of web server attack on thinker/js/think.js?

What is idea of web server attack on thinker/js/think.js?

July 2Hits:1
Advertisement

My web server is getting a lot of GET request on thinker/js/think.js and thinker/showSimilarInfo.do.

These requests obviously constitute a server attacks.

What is point of these attacks?

Also, is there a way to automatically ban IP which is trying to this kind of attack.

Answers

What is point of these attacks?

There is probably an application out there that has a security vulnerability in one of these files. If you're not hosting these files you can probably ignore the request. It's probably someone scanning thousands of hosts to find one that is vulnerable.

Also, is there a way to automatically ban IP which is trying to this kind of attack.

Sure. fail2ban is a common solution for this sort of thing, but there are others. fail2ban monitors log files for certain patterns, and then executes actions when certain thresholds are reached. A typical action is to modify the local firewall configuration to ban the offending ip address.

Related Articles

  • What is idea of web server attack on thinker/js/think.js?July 2

    My web server is getting a lot of GET request on thinker/js/think.js and thinker/showSimilarInfo.do. These requests obviously constitute a server attacks. What is point of these attacks? Also, is there a way to automatically ban IP which is trying to

  • Advantages of separating Web server from DatabaseMay 29

    What are the security advantages of installing the database of a web application on a server other than the one containing the web server? --------------Solutions------------- Well the first obvious advantage is that if someone breaks the box that ho

  • Distributed web server to stop DDos attacks? December 5

    This question already has an answer here: I am under DDoS. What can I do? 3 answers I have been thinking about a way to hinder DDos (Distributed Denial of Service) attacks (which seems to be a hot topic at the moment) by placing a signed Java Applet

  • What should be the role of iptables of a typical apache web server on the Internet to help in DoS attacks July 31

    I need to know What should the role of iptables of a typical apache web server on the Internet to help preventing or limiting DoS or other attacks. --------------Solutions------------- As you have noted, IPTables is not a definitive solution to DoS -

  • Attack on my web server - What could this meanFebruary 4

    My provider informed that there is an outbound attack on my web server. On further inspection I saw this in my Apache error.log file: --2012-02-04 04:40:59-- http://www.luxelivingforum.com/wp-content/themes/lifestyle/run Resolving www.luxelivingforum

  • Statistics of attacks on unhardened Web ServerMarch 13

    Suppose my web server is on the public internet. It's not behind firewall hardware. It does use HTTPS, and it has its OS firewall software turned on - but this is the only security mechanism in place. Are there published statistics of such a web serv

  • Attacks to jump from SQL server to Web server, without direct network access?May 16

    Considering that I have a structure like the following, allowing only the TCP and UDP ports for SQL to be accessed. Specifically no traffic initiated from SQL is allowed to reach SECURE. SECURE-> SQL <- STANDARD |-> SECURE-SQL What kind of attack

  • How to Stop DDoS Attacks by simple function on web server?September 4

    I have an overview ideas of the preventing ddos attacks, in a simple way. Please clarify me, if my thinking is wrong. Option 1 From the basic understanding of the DDOS attacks is that the attacker is sending a lot of data to the web server. So what a

  • How to secure the cloud hosted web server safe from attack ? October 28

    This question already has an answer here: Apache Server Hardening 11 answers We have got a web server (Apache) hosted externally. It has got multiple times attacks from the hackers (The Index file getting changed) even after getting moved from anothe

  • How to detect a web server without the server headerMay 16

    LATER EDIT : Could it be that IIS is not case sensitive for URLs and Apache is and someone could use this information to further increase the confidence factor in OS/WebServer detection? I was reading about the useful UrlScan tool here and came acros

  • Will a reverse proxy in front of web server improve security?June 12

    Third-party security professional is recommending we run a reverse proxy in front of the web server (all hosted in the DMZ) as a best practice security measure. I know this is a typical recommended architecture as it provides another level of securit

  • Choosing web server software for securityJuly 2

    Nginx, an open source web server that's relatively new on the market, has been attracting some interest lately, having performed really well in some benchmarks over the past years. In choosing server software for publicly accessible business applicat

  • Is it really necessary to setup a Hardware Firewall on a windows 2008 Web ServerSeptember 10

    What is the worst that could happen if I don't setup a hardware firewall? I am planning to just install a software firewall. I am planning to deploy a medium traffic web site and the information on the database will be important. But, I can protect t

  • Install an antivirus on a web server, is this a good idea?September 13

    I just got a dedicated server with Windows 2008 Standard Edition and am trying to do the necessary configuration to run my web app on it. Was wondering, is it a good idea to install an antivirus on the web server? In the app, users can't upload any f

  • Would you install phpmyadmin on a production web server?September 24

    I have been playing around with phpMyAdmin and I do think that it is a good tool, but I have read a lot on the internet about security holes. Would you recomend installing/using phpMyAdmin on a prduction webserver? I figure that if I only allow acces

  • Should the Database be on the same box as the web server or separateSeptember 29

    Im using SQL Server 2005 and IIS6. I have each on separate boxes (Quad cpu, 4G). Client wants to consolidate on to one box. This is an Enterprise application with 400 users. Performance is good now, but I question any savings to consolidate with perf

  • Should I install AntiVirus software on a Windows web server? October 8

    Possible Duplicate: Do you run antivirus on your Windows servers? I see a couple of existing questions on this with apposing viewpoints: http://serverfault.com/questions/632/do-you-run-antivirus-on-your-windows-servers http://serverfault.com/question

  • Is there any reason to run mail software on my web serverOctober 11

    Preface: Server admin n00b here. I'm setting up a web server for our site (Ubuntu 8.04 LTS 64-bit). The web server is not used for processing inbound mail or outbound mail sent by actual mail users for the domain; all of that is handled separately (b

  • How to hide web server name and openssh version on linux when scanning server ports?November 5

    How to hide web server name and openssh version on linux when scanning server ports? when i nmap'ed(nmap -A -T4 192.168.40.12) ip server from the outside, the one shows: Starting Nmap 4.62 ( http://nmap.org ) at 2009-11-05 14:11 IRST LUA INTERPRETER

  • Where can I find a little web server? November 11

    I have a cable internet connection and I would like to set up a small web server at home. I could use my existing computer for this but I don't like to keep it on 24/7. I don't expect it to get many visitors (mostly me when I'm abroad) but I do want

Copyright (C) 2017 ceus-now.com, All Rights Reserved. webmaster#ceus-now.com 14 q. 0.589 s.