Anything to worry about? Wordfence blocked SQL Injection in query string

W

wolf3000

Junior Member
Joined
Aug 8, 2019
Messages
135
Reaction score
49
I woke up this morning only to see an email from wordfence advising me that someone attempted to hack into my website:

The Wordfence Web Application Firewall has blocked 160 attacks over the last 10 minutes

Blocked for SQL Injection in query string

I'm not very computer literate when it comes to these things.

Do I have anything to worry about?

It looks like wordfence managed to block the hack attempt.

I have since banned the ip address but wondering if there is anything else I need to do.


Thanks!
 
Advertise on BHW
Nothing to worry, to be on the safe side you might run the Wordfence scan. BTY, I can't how many times WF saved my website from malicious attacks.
 
You can try to find the page the person is trying to attack. It might be an old plugin/unsecure theme field that someone is trying to exploit. If you can find and disable/update it then the attacks will go away.
 
I've also noticed a lot of bots going to non-existent pages on my website. Wordfence seems to show a tonne of pages being requested that don't exist from various bots. Is this an attempt to scan my website for vulnerabilities so that they could get in? I'm hesitant to ban some of these ip addresses because I am worried they might be a google/bing/amazon crawler which would cause problems for me.
 
wolf3000 said:
I've also noticed a lot of bots going to non-existent pages on my website. Wordfence seems to show a tonne of pages being requested that don't exist from various bots. Is this an attempt to scan my website for vulnerabilities so that they could get in? I'm hesitant to ban some of these ip addresses because I am worried they might be a google/bing/amazon crawler which would cause problems for me.
Click to expand...

If you target certain counties only, for example, the USA, Canada, UK, Australia, and New Zeland you can implement geo-blocking (if you have Wordfence premium) and block all non-English traffic. Most of the bad bots come from Turkey, China, Russia, Romania just to name a few, the Romanian even identify their fake bots as google bots.

Another way to filter out some bots is through robots.txt file, that will only work if they obey the directives. Also, you can play with the advanced Wordfence setting, if an IP makes more than X amount of requests per minute (or something that a human would never do) it'll automatically be blocked.

Before blocking an IP you can always run 'who is' within WF in live traffic view. If it comes from a server that doesn't belong to Google, Amazon, Bing or Yahoo most probably it's safe to block if it requests a login page (or fake URL with login in it) or something that indicates scanning for vulnerabilities or pages that don't exist.
 
bahus said:
If you target certain counties only, for example, the USA, Canada, UK, Australia, and New Zeland you can implement geo-blocking (if you have Wordfence premium) and block all non-English traffic. Most of the bad bots come from Turkey, China, Russia, Romania just to name a few, the Romanian even identify their fake bots as google bots.

Another way to filter out some bots is through robots.txt file, that will only work if they obey the directives. Also, you can play with the advanced Wordfence setting, if an IP makes more than X amount of requests per minute (or something that a human would never do) it'll automatically be blocked.

Before blocking an IP you can always run 'who is' within WF in live traffic view. If it comes from a server that doesn't belong to Google, Amazon, Bing or Yahoo most probably it's safe to block if it requests a login page (or fake URL with login in it) or something that indicates scanning for vulnerabilities or pages that don't exist.
Click to expand...

Thank you so much, I will look into this!
 
Advertise on BHW
You must log in or register to reply here.
Sign up now!

Main Menu

Home Main Forum List Black Hat SEO White Hat SEO BHW Newbie Guide Blogging Black Hat Tools Social Networking Downloads

Marketplace

Content / Copywriting Hosting Images, Logos & Videos Proxies For Sale SEO - Link building SEO - Packages Social Media Social Media - Panels Web Design Misc

Making Money

Affiliate Programs Hire a Freelancer Making Money Pay Per Click Site Flipping

BlackHatWorld

BHW Merch Forum Suggestions & Feedback Introductions Lounge Dispute Resolution

Other

Domain Name Forum IM Journeys Web Hosting Newsletter
Back
Top