Sorry Alex, I'm a newbie when it comes to some of this. Here is the admin's .htaccess file:
AuthUserFile /usr/dir/www/domain.com/cgi-bin/links/admin/.htpasswd
AuthGroupFile /dev/null
AuthType Basic
AuthName Protected
require valid-user
Order Deny,Allow
Deny from all
Allow from xx.xx.xx.xx
Allow from xx.xx.xx.xx
The Order Deny, Allow being added a few days ago.
I hesitate to do any more at the moment. On behalf of the site owner, I've requested a quote from Gossamer about addressing script upgrades and security issues.
The site's IP address was requesting admin/admin.cgi and subscribe.cgi among others. Here's a part cut from the access_log:
xx.xx.xx.xx - - [19/Dec/2005:17:02:56 -0800] "GET /cgi-bin/links/subscribe.cgi HTTP/1.0" 200 0 "-" "Links SQL (http://gossamer-threads.com/scripts/links-sql/)"
There are more - some that use the domain name instead of the IP number.
Nadine
AuthUserFile /usr/dir/www/domain.com/cgi-bin/links/admin/.htpasswd
AuthGroupFile /dev/null
AuthType Basic
AuthName Protected
require valid-user
Order Deny,Allow
Deny from all
Allow from xx.xx.xx.xx
Allow from xx.xx.xx.xx
The Order Deny, Allow being added a few days ago.
I hesitate to do any more at the moment. On behalf of the site owner, I've requested a quote from Gossamer about addressing script upgrades and security issues.
The site's IP address was requesting admin/admin.cgi and subscribe.cgi among others. Here's a part cut from the access_log:
xx.xx.xx.xx - - [19/Dec/2005:17:02:56 -0800] "GET /cgi-bin/links/subscribe.cgi HTTP/1.0" 200 0 "-" "Links SQL (http://gossamer-threads.com/scripts/links-sql/)"
There are more - some that use the domain name instead of the IP number.
Nadine