Questions tagged [server-side-attacks]
65 questions
0 votes, 1 answer
Server attack while sending emails with link
I have a problem with a web server that also sends newsletter emails with an unsubscribe link.
Every time such an email is sent out, the unsubscribe link is called directly. Because it could be 1000 or more emails, the calls crash the server…

Vera Nentwich
0 votes, 1 answer
HTTP Host HEAD attacks in PrestaShop cPanel host
I see this huge log in the Apache log for the website:
192.111.129.145 - - [07/Jun/2021:13:07:50 +0430] "HEAD /?Y256629118494u166019161242G5231293763232i55356056861y HTTP/1.1" 403 0 "hsteam-gifts.ir/" "z"
103.137.165.152 - - [07/Jun/2021:13:07:51 +0430]…

behnam bahadori
0 votes, 0 answers
How can I block on Nginx an attack like the code below?
The error shows up in error.log and the server suffers from multiple requests like this one.
FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 127.0.0.1, server: "attacker's ip", request: "GET…
0 votes, 0 answers
How to modify a file on a web server without date change (attack)
I have an attack on a webserver, where I get code injected into my JS files. But the date did not change. The attack was 1 month ago, but the file was last modified 2 years ago.
How do you do this?
0 votes, 1 answer
Node.js brute force prevention
I have a MERN stack project running on Heroku. Today someone has started to flood my server with many login requests (brute force). Every request has a different IP address so I cannot block the IP. This has caused a website outage.
How can I block…

daniel93
0 votes, 1 answer
How to overcome this Index error in Python
The code given below is exactly as shown in the tutorial (zsecurity).
It seems the code is not working only on my system. I run this code in Linux (VirtualBox).
This is ARP spoofing used to become the man in the middle in a local network.
I…

prasath
0 votes, 0 answers
Possible attack on mysqlServer ErrorLogs
Asking a question to you guys:
I have my MySQL logs with 200 000+
[Note] Access denied for user 'root'@'122.224.33.184' (using password: YES)
with multiple usernames (Magento / root / Admin / user / developper / dev etc.)
The peak goes from 0…

Ggs
0 votes, 1 answer
Preventing Replay Attacks in Google Apigee
We are working on a payment service where we want to make sure that a request to the service is not being replayed, whether on purpose or accidentally. We are going to be using Google Apigee as our API gateway. Is there some policy or configuration…

Westy
0 votes, 1 answer
How to prevent repeated request from a server on website
Hello, someone is trying to make multiple signups on my website with different IPs. What could be the easy way to prevent this? I am using the AWS stack for website hosting.

sumit
0 votes, 1 answer
hping3 Syn Flood attack (DoS) is not strong enough
I'm building an environment to test SynFlood attack. I have 3 VMs to represent SaveClient, Attacker, and the Victim. All are running on VirtualBox. They have Ubuntu 16.04 LTS server with the same configuration (1GB RAM, 1 processor).
I tried to…

Ahmed Sallam
0 votes, 1 answer
Invalid HTTP_HOST header: 'awssgp0-files.fds.api.xiaomi.com' request header attack
I am getting this request (more than 2000 per day) from different countries.
Invalid HTTP_HOST header: ‘awssgp0-files.fds.api.xiaomi.com’. You may need to add u'awssgp0-files.fds.api.xiaomi.com' to ALLOWED_HOSTS.
Report at…

Prabhat
0 votes, 1 answer
WordPress hack keeps severing database connection
I have a WordPress site that keeps severing the database connection and I am not sure how to find or clean up or get rid of the root cause.
The issue is that there is this odd script that keeps popping up in the wp-config.php file. I delete it, correct…

Jose-R
0 votes, 1 answer
I'm trying to use directory traversal attack against website
I'm trying to pen test a website, so if I managed to browse website directories including db config and .php files, but whenever opening any .php file nothing shows, like an empty file, and every .php file on the website is acting the same. I can't figure out…
0 votes, 0 answers
Laravel and 0 day exploit?
I just stumbled upon the 0 day exploit
and some discussions about it
https://forum.nginx.org/read.php?2,88845,page=3
https://serverfault.com/questions/690983/which-try-files-nginx-directive-is-best-for-the-zero-day-exploit
that zero day exploit…

Toskan
0 votes, 1 answer
Security concerns while making a HTTPS API request
I have a table in my DB from which I have to fetch some data at regular intervals based on some parameters. What I was thinking was to make an API which fetches me the data from the server (POST request on https). This is done in an authenticated…

Yesha