0

I have been receiving requests from ip addresses which seems to me like attempts to gain control over the system. These seem to be DOS Attacks due to the sleep(x) function attached. But not all of them have the sleep function, so I need to know which kind of attack are these. I'm attaching the screenshot's of the apache logs that I had taken.

enter image description here

enter image description here

For the time being I have blocked the IP and set the time out limit to 2 seconds. But I am still not satisfied and would like to know if there's any other preventive measures that I can take.

Virendra Nagda
  • 673
  • 5
  • 9
ProgrammerBaba
  • 19
  • 4
  • 2
    sql attack.. SQL Injection Attack – Phoenix Dec 28 '15 at 12:56
  • 1
    From [Related: How can I prevent SQL-injection in PHP?](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php?rq=1). But since you have these codes on your database, it seems that you already have some sort of 'fix' (I can be wrong). Anyways, this doesn't seem like a DOS attack at all. – FirstOne Dec 28 '15 at 13:04
  • Nah, (D)DOS attack ([Denial Of Service](https://en.wikipedia.org/wiki/Denial-of-service_attack)) tries to tackle your system by overloading it. This is just an attempt to retrieve data from your database, which _could_ succeed if you aren't protected against sql injection (see @FirstOne's link). – giorgio Dec 28 '15 at 13:18
  • Somebody is scanning your server for vulnerabilities. This is why [handling input securely](http://phpsecurity.readthedocs.org/en/latest/Input-Validation.html) is so important. – Jared Farrish Dec 28 '15 at 13:23
  • @FirstOne Thank's For the link. It really helped me. I guess I wasn't searching for the right thing. – ProgrammerBaba Dec 29 '15 at 13:49
  • Glad to help. @ProgrammerBaba – FirstOne Dec 29 '15 at 16:17

0 Answers0