Hello there !
The last couple of weeks, I'm getting some strange error messages on my drupal installation:
1) Description : 'main(./includes/xmlrpc.inc) ['
Message : main(./includes/xmlrpc.inc) [function.main]: failed to open stream: No such file or directory in /mnt/106/sdc/3/0/iacp/drupal/xmlrpc.php on line 11.
2) Description : 'main() ['
Message : main() [function.include]: Failed opening './includes/xmlrpc.inc' for inclusion (include_path='/mnt/106/sdc/3/0/iacp/include:.:/usr/php4/lib/php') in /mnt/106/sdc/3/0/iacp/drupal/xmlrpc.php on line 11.
I thought that could be an attempt to login with an external account, but I have disactivated this feature, and I tried with my drupal account and didn't get this kind of errors, rather a 'login failed' warning.
Is this people trying to find vulnerabilities to exploit ? If so, is there any module/way to get more info on the action of these individuals so as to decide if I have to send a nice email to their providers or not.
Thanks for your advice.
Comments
check your servers logs at
check your servers logs at around the same time.
Actually it's a free
Actually it's a free webhosting service I'm using, so I don't have access to all this info.
Hi there, just got a couple
Hi there,
just got a couple of error messages more and I'm starting to wonder if I should take measures or not. I would like however before to get to know what is happening, anyone experiencing same behaviour on his drupal installation ?
Anyone might know what these errors are due to ?
The troll module seems to
The troll module seems to partially solve my problem by banning users by IP. However I would like to know what these people are trying to do (if in search of vulnerabilities, I should pay more attention to the security of my whole installation).
Is there a way to get all the POST and GET data they might be sending to the xmlrpc.php page so as to get an idea of what's going on ?