tcreek
commented
5 years ago and still no response from the dev after all this time?
Closed TheBarret closed 5 years ago
tcreek
commented
5 years ago and still no response from the dev after all this time?
The-Compiler
commented
5 years ago Well, it's not like "russian IPs are downloading a CSS file from my pastebin" is any useful information, unfortunately...
TheBarret
commented
5 years ago I admit that you cannot do much about it at this given time, but if tons of russian ip's request a single file for no apparent reason, its fishy.
claudehohl
commented
5 years ago Don't worry, as long as they just request it and not trying to modify or delete it, everything is fine.
tcreek
commented
5 years ago It may help if you showed the logs.Years ago, I was running an open source site on a server of mine, also based on PHP. I got an email indicating a problem which should not of occurred. Upon checking , I see the logs showing what looked like a script hitting the same page over and over until the site was compromised in a way they were able to get what they wanted.
I have in the past installed this pastebin project on my server, no problems there but recently i get a lot of traffic from russian ip's for specific files, my server is not russian based and i get the impression they figured out some sort of exploit and are actively looking for this.
The URL that is request by them is: "GET /Stikked/htdocs/themes/i386/css/codemirror.css"
Im giving you a heads up of a possibly compromised situation.
Good luck!