Hackers, how I loathe you.
Most of my sites are configured to email me any error messages they have. Don't happen too often. Except for the incredible volume of hacking attempts by some bot to insert a web address into one of my ID URL vars. It doesn't work of course, but that still triggers an email to me. Over and over and over. Bah.
Looks like they are just trying to see if they can embed PHP code into my sites and get it to execute.
The web address they submit is really just a page that contains this:
<?php echo md5("just_a_test");?>
It's hard to imagine this would work with ColdFusion (I don't have PHP on many of the servers). One would have to code their CF site to allow embeding of CFML to eventually generate a static file, then process that. Typical for some other blog platforms perhaps.
I should note that I have put in some filters for the IP's etc. But they just change the web address and the IP anyway.
Like this entry? Subscribe to my blog.
Comments (4) - 850 views
Comments (moderation on)
Btw, I prevented the error messages by just wrapping my cfparams (with type set to integer) in a try/catch block.
Looks like it's time to build in another filter.