Bots and /wp-content/plugins/really-simple-ssl/ssl-test-page.php

  • Resolved thomastolkien

    (@thomastolkien)


    4 years, 6 months ago

    Just to let you know that on 30 client sites I administer that use Really Simple SSL I’ve seen a huge number of firewall events over the last 24 hours attempting to target this URL on each site:

    /wp-content/plugins/really-simple-ssl/ssl-test-page.php

    at the rate of one hit every 20-30 seconds.

    It would appear that this file is being targeted by bots?

    I thought you should be aware.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Contributor Rogier Lankhorst

    (@rogierlankhorst)

    4 years, 6 months ago

    Hi @thomastolkien,

    This file has a noindex attribute, and it’s not linked anywhere. Can you see where the hits are coming from?

    The file is used by the plugin itself, but only while not activated yet, or on the settings page.

    It’s not very interesting or useful for outsiders or bots.

    Thread Starter thomastolkien

    (@thomastolkien)

    4 years, 6 months ago

    It is odd and it’s a strange file to be targeted.

    Here are the top 3 most prevalent IPs with over 100 hits in the last hour (although there are a lot of clusters of 10 hits on one IP before it changes to another):

    157.55.39.96

    40.77.167.0

    95.108.213.55

    These three seem to be legit search indexers, but they are trying to access the file every 20 seconds or so, which is very strange.

    Plugin Contributor Rogier Lankhorst

    (@rogierlankhorst)

    4 years, 6 months ago

    I’ll look into this and get back to you.

    Plugin Contributor Rogier Lankhorst

    (@rogierlankhorst)

    4 years, 6 months ago

    I couldn’t find any requests on this url on our own sites. Is it possible you posted this url on a forum or on a page, or in a sitemap?

    It shouldn’t be a problem really, as the page is no indexed. This will tell bots not to index it, if it happens to stumble on the url.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Bots and /wp-content/plugins/really-simple-ssl/ssl-test-page.php’ is closed to new replies.