The attack was hitting pretty much the same pages over and over, /forum/search.php, /forum/ucp.php, /forum/app.php.Have any of you investigated how the scrabers and bots found your site?
It would be pretty trivial to build a bot that trawls the internet, looking for sites with these pages. The bot doesn't need to know anything other than that these pages exist, and return the data it is looking for.
For reference, my site gets attacked non-stop on WordPress paths as well, wp-login.php, wordpress/, wp/, etc - there is no Wordpress on my site. But someone out there is trawling sites looking for WordPress installs they can compromise.
Statistics: Posted by itspbarton — Tue May 20, 2025 3:17 am