Speculative attempt to access PhpMyAdmin


Kelon
07-30-2009, 06:58 PM
Hi
I've been having a browse through the logs of one of my sites, inspecting the few 404's as is my habit and found entries "/phpmyadmin/index.php" and "/pma/index.php" from the same IP at exactly the same timestamp ... the entry continues.... 404 332 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MRA 4.3 (build 01218))"

The site in question (logs I was checking) doesn't happen to have a database behind it so this... bot... was completely without cause in this case.

I'm curious. Nothing to be concerned about? A reason to not use "phpmyadmin" or "pma" as a directory name? Would a block in robots.txt have stopped this beggar?

Incidentally... never found a 404 with this before, it's new to me. Coincidentally it followed hard on the heels of a little experiment I did with a site: followsite.com which added way too many entries to my logs so I'm looking into blocking it too. Coincidence? I've found an entry on a forum which experienced "a bad hack at about the same time"...um.

All opinions welcome.

tomws
07-30-2009, 07:14 PM
If you don't have a db and don't use phpmyadmin, don't worry about it. Scans have been way up lately because of vulnerabilities in the code.

FWIW, robots.txt doesn't help to thwart these types of scans.

Kelon
07-30-2009, 07:23 PM
Hi. Indeed, given the site has no database, my reaction was one of curiosity. However... it might be just timely - I'm about to implement a database... or two on various projects in the pipeline.

So.. I take from what you've said: As these were just 'scans' there's unlikely to be an association with the aforementioned site? And I presume I just need to make sure I'm well up on the security aspects, do all the sensible basics, because it was an automated (as in: unintelligent) probing... so to speak.

Regards.

tomws
07-30-2009, 07:40 PM
Probably automated, yes. Occasionally you may get hit by a real person, but it should still look about the same. The thing with the probes is that, just like with a real person, they can exploit a vulnerability if they find an opening.

So, keeping up with security updates for any of your web-facing software is a good idea. Problems enter when you're forced to rely on a hosting provider to update the software on their end.
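
The log pattern described in the first post (404s for "/phpmyadmin/index.php" and "/pma/index.php" from one IP at the same timestamp) can be picked out of an access log automatically. The following is an added example, not part of the original thread; it assumes Apache combined log format, and the function name, sample lines and IP addresses are constructed for illustration.

```python
import re
from collections import defaultdict

# Combined Log Format: ip ident user [time] "METHOD path proto" status size ...
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

# The two prefixes come from the thread; extending the tuple is up to you.
PROBE_PREFIXES = ("/phpmyadmin/", "/pma/")

def find_probes(lines, min_paths=2):
    """Return {ip: sorted probe paths} for clients that received a 404 on at
    least min_paths distinct admin-tool paths within the same logged second."""
    hits = defaultdict(set)  # (ip, timestamp) -> probed paths
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["status"] != "404":
            continue  # unparsable line, or the request did not 404
        path = m["path"].lower()
        if path.startswith(PROBE_PREFIXES):
            hits[(m["ip"], m["ts"])].add(path)
    flagged = defaultdict(set)
    for (ip, _ts), paths in hits.items():
        if len(paths) >= min_paths:
            flagged[ip] |= paths
    return {ip: sorted(paths) for ip, paths in flagged.items()}

# Constructed sample lines (documentation IP ranges, invented timestamps).
UA = '"-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"'
SAMPLE = [
    f'203.0.113.7 - - [30/Jul/2009:17:41:02 +0000] "GET /phpmyadmin/index.php HTTP/1.1" 404 332 {UA}',
    f'203.0.113.7 - - [30/Jul/2009:17:41:02 +0000] "GET /pma/index.php HTTP/1.1" 404 332 {UA}',
    f'198.51.100.20 - - [30/Jul/2009:17:45:10 +0000] "GET /old-page.html HTTP/1.1" 404 310 {UA}',
    f'198.51.100.20 - - [30/Jul/2009:17:45:11 +0000] "GET /index.html HTTP/1.1" 200 5120 {UA}',
    f'192.0.2.44 - - [30/Jul/2009:18:02:33 +0000] "GET /pma/index.php HTTP/1.1" 404 332 {UA}',
]

if __name__ == "__main__":
    for ip, paths in find_probes(SAMPLE).items():
        print(ip, "probed", ", ".join(paths))
```

Requiring two distinct paths in the same second keeps a single mistyped URL or stale bookmark from being flagged; lower `min_paths` to 1 to list every request for these paths.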