Is my site being attacked?

encodeme · July 21, 2010, 12:34:19 PM

Hi yesterday, my logs showed a 10 fold rise in activity... I can't believe its genuine.
However now in the log of page Urls its show entires such as http://****.com/ftpNYR6CQ.cgi.
Is this an attack, and if so what should I be doing?
Thanks

CapadY · July 21, 2010, 12:38:32 PM

is **** your own site ?

encodeme · July 21, 2010, 12:41:21 PM

Yes, I didn't dare advertise the domain in case of courting more problems

CapadY · July 21, 2010, 01:40:32 PM

Is there a file called "ftpNYR6CQ.cgi" in the root of your WEBSITE ?

What's the content of that file ?

encodeme · July 21, 2010, 01:50:59 PM

No that's the worrying part. There are no obvious extra files or files ending in .cgi
It was just that my vistors count rocketed along with the bandwidth, and these .cgi refs were in the urls visited.
I'm new to all this end web problems.

CapadY · July 21, 2010, 01:57:50 PM

did you try to call that url in a browser ?

What happened ?

encodeme · July 21, 2010, 02:23:58 PM

It came up as not found.
There are 4 instanances of .cgi files all showing as not found.
Very weird.
I'll scrutinise the server logs tomorrow and see if there are any signs in there.

xenovanis · July 21, 2010, 02:31:32 PM

Could be just a global attempt to access something. Keep an eye on it though.

News:

Is my site being attacked?