Malware Related > Compromised Servers

Help with server

(1/1)

woden57:
Hello,

My server gets hit with requests for something along this line "mysite.com/.vdtker/?action=captcha&a=get&i=115114&v=21"
and also .sys or .eoaxl in place of .vdtker

I have removed the files that were written on the server and I have even changed servers with a complete re-upload of all legitimate files.

My problem is that I'm getting hit with a few thousand "not found" requests for this crap every day.
I can find no way to trace the referrer, it's blank.

Is there a cure for this?

Thanks!

MysteryFCM:
There's no way of stopping the requests, no. Though you can of course use a re-write to redirect the requests - but if there's a large volume, I wouldn't recommend it (strictly for bandwidth issues).

These requests are likely coming from either compromised machines, or automated monitors.

Navigation

[0] Message Index