Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Weird results in my visitor logs
I’m seeing weird requests in my visitor logs. Is this just general people looking for vulnerabilities?
13 Jul 2026 3:18PM //login.php
13 Jul 2026 3:18PM //wp.php
13 Jul 2026 3:18PM //av.php
13 Jul 2026 3:18PM //aa.php
13 Jul 2026 3:18PM //wp-includes/assets
13 Jul 2026 3:18PM //abcd.php
13 Jul 2026 3:18PM //wp-includes/l10n
13 Jul 2026 3:18PM //wp-includes/css/dist
13 Jul 2026 3:18PM //cgi-bin/index.php
13 Jul 2026 3:18PM //wp-content/admin.php
13 Jul 2026 3:18PM //wp-includes/js/jquery
13 Jul 2026 3:18PM //f6.php
13 Jul 2026 3:18PM //themes.php
13 Jul 2026 3:18PM //admin.php?
13 Jul 2026 3:18PM //adminfuns.php
13 Jul 2026 3:18PM //wp-includes/assets
13 Jul 2026 3:18PM //hosty.php
13 Jul 2026 3:18PM //a.php
13 Jul 2026 3:18PM //admin.php
13 Jul 2026 3:18PM ///admin.php
Offline
Re: Weird results in my visitor logs
Yep. Just chancers assuming every site under the sun runs WordPress and looking for exploits. It’s an annoyance.
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Hire Txp Builders – finely-crafted code, design and Txp
Offline
Re: Weird results in my visitor logs
agovella wrote #343492:
I’m seeing weird requests in my visitor logs. Is this just general people looking for vulnerabilities?
I block those kids with these rules in my htaccess.
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: Weird results in my visitor logs
Is blocking them considered best practice? Or just something you do to be curmudgeonly?
(Curmudgeonly in the best sense)
Offline
Re: Weird results in my visitor logs
agovella wrote #343505:
Is blocking them considered best practice? Or just something you do to be curmudgeonly?
I’m not blocking their ips. I’m blocking constructed urls. ie site.tld/wordpress. Some years ago we had an attack with hackers trying to get in our site. That’s why I made that list. The server stops them and txp does not need to deal with it.
You have to be careful as to what words you will block as it can affect legit urls.
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline