Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 9 of 9
  1. #1
    Regular Coder
    Join Date
    Aug 2002
    Location
    New York
    Posts
    152
    Thanks
    12
    Thanked 0 Times in 0 Posts

    Exclamation Possible Visitor Abuse?

    I use a free statistics site to manage my website's visitor stats. I've been noticing for the past couple weeks, one visitor that would come to the main page of the site and leave, without clicking on any of the links on the page or anything. What worries me is that this goes on every single day between 5 - 20 times a day. I'm not really complaining because bandwidth isn't a concern, but I worry that this may be some sort of red flag for a malicious attack. Is there need for worry? I have the IP and hostname of the visitor, which gives me the location. Still, I don't know if I should take any action or just hang back and watch. What should/n't I do?

  • #2
    Rockstar Coder
    Join Date
    Jun 2002
    Location
    USA
    Posts
    9,074
    Thanks
    1
    Thanked 328 Times in 324 Posts
    Well what kind of website is it? A blog?
    OracleGuy

  • #3
    Regular Coder
    Join Date
    Aug 2002
    Location
    New York
    Posts
    152
    Thanks
    12
    Thanked 0 Times in 0 Posts
    A free service site to make a course schedule for university students. The only thing of "value" is the database with users' email addresses in it -- the passwords are all stored encrypted. Otherwise it could just be a defacing attack, but to be modest my site isn't really that popular to warrant that kind of attack.

  • #4
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    Could it not be a student trying to make their schedule? I know as a full-time student I often have to check back about classes and stuff going back and forth making sure things fit in the schedule. Or maybe its a bunch of students from the same school who have similar ip addresses? Are the IPs the same? Could you pm me the link? It could be useful for myself to use.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #5
    Regular Coder
    Join Date
    Aug 2002
    Location
    New York
    Posts
    152
    Thanks
    12
    Thanked 0 Times in 0 Posts
    No because there is a separate page for doing that. That's what makes this case interesting, because the main page doesn't really have anything to do on it - it's just a welcome page, essentially. If they went from the main page to the page to view their schedule, it would come up in the stat log. Instead it ends at the main page. I can't even imagine what they'd want on the main page. It's almost as if someone made the welcome page their homepage and every time they open their browser it counts as a hit to my site - then they navigate away from it. Of course, if this was the case I'd have nothing to worry about, but I really have no idea what this person's intentions are. That's why I opened this thread to see what the community thinks I should do.

  • #6
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    You could try doing a whois on the ip address and perhaps try to contact them if their information is available though if its a person it probably won't be but if its a bot the hosting server might be.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #7
    Regular Coder
    Join Date
    Aug 2002
    Location
    New York
    Posts
    152
    Thanks
    12
    Thanked 0 Times in 0 Posts
    I tried the whois lookup, but nothing helpful came up. Should I be concerned?

  • #8
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    I don't think you should be. I mean nothing has happened yet right? And you said on the main page there really is no access to the backend right?
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #9
    Regular Coder
    Join Date
    Aug 2002
    Location
    New York
    Posts
    152
    Thanks
    12
    Thanked 0 Times in 0 Posts
    Sort of. One of the flash applications accesses a database so it can display some summary stats. The main page shouldn't be the target if they wanted to hack the database because that page simply displays the data -- they should target the page that gets the data if they had something malicious in mind. I can't think of any other good reason to load my site 15 times a day other than a home page or a bot, but the IP came up clean....


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •