[dokuwiki] Re: attempt to use possible vulnerability of dokuwiki
- From: gstat1@xxxxxx
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Wed, 06 Feb 2008 16:54:03 +0100
Sorry, I forgot to include the version information: 2007-06-26b
regards
Paul
> -----Ursprüngliche Nachricht-----
> Von: <gstat1@xxxxxx>
> Gesendet: 06.02.08 16:41:15
> An: dokuwiki @freelists.org
> Betreff: attempt to use possible vulnerability of dokuwiki
>
> Dear all,
>
> I'm sorry to bother you, but I'm running a server and one of my clients is
> using dokuwiki. By a routine check of logs I found strange requests to
> doku.php and /lib/exe/fetch.php with dubious parameters.
>
> The relevant log entries are attached to this mail (in order to not reveal
> the domain I used xxxx to mask the domain, when necessary).
>
> Since I'm not familiar with DokuWiki can you please tell me:
>
> 1) What are they trying to do?
> 2) Have they been succesfull?
>
> Those requests come from different IPs, so I cannot block by IP address.
>
> 3) Do you have any recommendations about server configuration?
>
> I don't consider URL rewriting an option because if the urls look like
> http://example.com/dokuwiki/wiki:syntax, then the ":" will reveal that
> Dokuwiki is used, doesn't it?
>
> Can I block all urls with a parameter including http:// (i.e send Acess
> denied) or will DokuWiki not work then?
>
> Do you have a list of parameters which are used by the scripts (and what they
> are for)?
>
> Thanks in advance. Your help will be very much appreciated.
>
> Regards
> Paul
_________________________________________________________________________
In 5 Schritten zur eigenen Homepage. Jetzt Domain sichern und gestalten!
Nur 3,99 EUR/Monat! http://www.maildomain.web.de/?mc=021114
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
Other related posts:
