1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Constant SQL Injection Attacks?

Discussion in 'Blogging' started by Dodge, Sep 22, 2011.

  1. Dodge

    Dodge Regular Member

    Joined:
    Jul 29, 2009
    Messages:
    389
    Likes Received:
    53
    Hi there,

    I installed WordPress Firewall 2 today and have so far had about 60 emails saying one of my sites has been targetted with SQL injection attacks... mostly from different IPs.

    Is this quite serious? I can't imagine someone would put so much time into attakcking them either!

    Also is there anyway I can stop them other than using this firewall?

    Thanks
     
  2. dikoro

    dikoro Regular Member

    Joined:
    Dec 16, 2008
    Messages:
    205
    Likes Received:
    39
    I had one too. I suggest change all the mysql user name and pass including wp too for now. And reinstall everything with new users if you have backup.
     
  3. trustedfire9

    trustedfire9 Jr. VIP Jr. VIP Premium Member

    Joined:
    Jun 15, 2010
    Messages:
    2,098
    Likes Received:
    1,779
    yes http://www.greensql.net/ , it's free and will prevent the attacker to do any sql injection by filtering sql orders .
     
  4. makingfastcash22

    makingfastcash22 Senior Member

    Joined:
    Feb 15, 2009
    Messages:
    1,152
    Likes Received:
    178
    Home Page:
    I re installed a fresh new install and I am still getting these messages.

    They are surely doing these injection attacks with a bot of some sort.
     
  5. gergo2007

    gergo2007 Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 2, 2010
    Messages:
    805
    Likes Received:
    213
    The ip-s are from the same country? Why you dont ban them?
     
  6. makingfastcash22

    makingfastcash22 Senior Member

    Joined:
    Feb 15, 2009
    Messages:
    1,152
    Likes Received:
    178
    Home Page:
    Smart Idea Bro! I think we should create a list and band these bastards!
     
  7. Dodge

    Dodge Regular Member

    Joined:
    Jul 29, 2009
    Messages:
    389
    Likes Received:
    53
    Thanks everyone. Just to check, if Wordpress Firewall 2 says they are SQL injection attacks does that definitely mean there is something malicious going on? I'm getting about 50 a day (sites get 2000 UVs a day) and a lot of them have Google/Bing as the referrers with the content being essentailly a search for a keyword that I'm targetting?

    Why would this come up as an SQL injection? I don't understand what this is but I'm just worried that this plugin is blocking genuine visitors!