Questionable 404 for Google Site Verification

  • Resolved berbeates

    (@berbeates)


    5 years, 11 months ago

    Every few days I check the 404 log and use those results to manually populate the “immediately block IPs” list. Every once in a while I get a result that I’m not entirely sure whether it’s malicious or not. A few days ago, someone attempted to access the page:

    /google-site-verification-content-[32 digit hash]plpcode87.php

    The hash is not the one associated with the google analytics account, but I haven’t been able to find any post 2014 resources regarding attacks through this vector.

    It seems malicious, but I’d like to confirm before blocking.

Viewing 3 replies - 1 through 3 (of 3 total)
  • WFGerroald

    (@wfgerald)

    5 years, 11 months ago

    Hey @berbeates,

    Can you please share a screenshot of the expanded Details of the hit in Wordfence > Live Traffic?

    I’d be inclined to think this is a mindless bot programmed to prod around. But, the IP being used could be helpful. If you’re able to share this I’ll share it with the developers for their thoughts as well.

    Please let me know.

    Thanks,

    Gerroald

    Thread Starter berbeates

    (@berbeates)

    5 years, 11 months ago

    Hello Gerroald,
    Thank you for your quick reply! This hit wasn’t blocked by Wordfence, but caught in a 404 log (from another plugin). Since the vast majority of 404 errors come from attempted attacks, I use this log to manually include in the Wordfence block list.

    I usually delete these 404 logs once I update Wordfence, so I don’t have the full details. I’ll keep an eye out and send more information if I see it again.

    Thansk!
    -Bernardo

    WFGerroald

    (@wfgerald)

    5 years, 11 months ago

    Hey @berbeates,

    Sounds like a plan. Please do share any information you see in the future. And if you have any other questions, please let us know.

    Just out of curiosity, what plugin are you using to log the 404s?

    Thanks!

    Gerroald

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Questionable 404 for Google Site Verification’ is closed to new replies.