Sorry, I forgot to include the version information: 2007-06-26b regards Paul > -----Ursprüngliche Nachricht----- > Von: <gstat1@xxxxxx> > Gesendet: 06.02.08 16:41:15 > An: dokuwiki @freelists.org > Betreff: attempt to use possible vulnerability of dokuwiki > > Dear all, > > I'm sorry to bother you, but I'm running a server and one of my clients is > using dokuwiki. By a routine check of logs I found strange requests to > doku.php and /lib/exe/fetch.php with dubious parameters. > > The relevant log entries are attached to this mail (in order to not reveal > the domain I used xxxx to mask the domain, when necessary). > > Since I'm not familiar with DokuWiki can you please tell me: > > 1) What are they trying to do? > 2) Have they been succesfull? > > Those requests come from different IPs, so I cannot block by IP address. > > 3) Do you have any recommendations about server configuration? > > I don't consider URL rewriting an option because if the urls look like > http://example.com/dokuwiki/wiki:syntax, then the ":" will reveal that > Dokuwiki is used, doesn't it? > > Can I block all urls with a parameter including http:// (i.e send Acess > denied) or will DokuWiki not work then? > > Do you have a list of parameters which are used by the scripts (and what they > are for)? > > Thanks in advance. Your help will be very much appreciated. > > Regards > Paul _________________________________________________________________________ In 5 Schritten zur eigenen Homepage. Jetzt Domain sichern und gestalten! Nur 3,99 EUR/Monat! http://www.maildomain.web.de/?mc=021114 -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist