martcol — 2011-09-07T11:08:45-04:00 — #1
For the last few weeks I have been getting the alert produced below from a wordpress site. I do not know what to do about it and it is freaking me a bit. I use a WP Firewall2 on this site so it is that plugin that is sending the alerts.
Like I say, these alerts come two or three times a day and have been for about three weeks. There is not obvious problem with the site.
I would appreciate any advice.
WordPress Firewall has detected and blocked a potential attack!
Web Page: www.mysitename.co.uk/wp-login.php
Warning: URL may contain dangerous content!
Offending IP: 126.96.36.199 [ Get IP location ]
Offending Parameter: log = wp_admin
This may be a "WordPress-Specific SQL Injection Attack."
martcol — 2011-09-08T00:46:04-04:00 — #2
Thank you, I'll stop worrying now.
eastcoast — 2011-09-07T20:06:46-04:00 — #3
All popular web apps with past known vulnerabilities get random probes from bots looking for exploitable systems. They're generally not targetting a particular site or host. Normally these probes would go undetected and cause no harm as long as the site is secure, the firewalls alerts are a reminder of how important it is to keep your installations up to date.