Best Practice – Unstandard Naming


So again today my webserver has been hit by another person using a vulnerability scanner trying to find something to hack into. Harmless as it may seem, this could be the start of a serious server takeover. Once a vulnerable application like an old version of phpMyAdmin is found, it could be only a matter of time before your server’s confidential information is taken. You can try to stay up to the minute on updates, but let’s be serious, that is difficult to do. Another approach is to keep your server updated but also make sure all administrative directories and tools are hidden.

Here are five quick things to do to add security to your server:

  1. Don’t give your phpMyAdmin install the standard name. Put it in an obscure folder named “d83dk” or the like.
  2. Also, don’t use robots.txt files to hide your administrative folders from Google or other search engines, because it’s worse that a potential hacker now has your folder name. If you are concerned, make your index.php carry the meta tags to restrict it from search instead. (<meta
  3. Watch your log files. I have mine emailed to me daily; this may be impractical for you, and you may instead need a log processor to flag suspicious events. Nevertheless, page through a log file at least once a week.
  4. Keep up with updates; hiding things isn’t an alternative to updating your software. All it takes is a new vuln found in a common application and script kiddies will be going crazy. Join Secunia’s email list here http://secunia.com/community/profile/ to get daily, up-to-the-hour reporting on the latest vulns. It’s a lot of emails, but it’s amazing to see how often things get insecure. Set up a mail filter and it shouldn’t be too bad.
  5. Move ports around. This sounds weird but trust me, it does a lot to stop script kiddies, though not real hackers determined to take down your server. I had a virtual dedicated server that was getting thousands of failed logins a day on port 22 (SSH). All I did was move SSH to a nonstandard port and instantly my failed logins went to nothing. Automated scripts are half the battle in security. This does nothing against a more experienced hacker, but it does a lot against the not-so-bright script kiddies.

Attached below is the error log on my server showing a vuln scanner looking at my server:

[error] [client 58.60.146.34] script '/var/www/nosuichfile.php' not found or unable to stat
[error] [client 58.60.146.34] File does not exist: /var/www/noxdir
[error] [client 58.60.146.34] File does not exist: /var/www/PMA
[error] [client 58.60.146.34] File does not exist: /var/www/PMA2005
[error] [client 58.60.146.34] File does not exist: /var/www/admin
[error] [client 58.60.146.34] File does not exist: /var/www/admin
[error] [client 58.60.146.34] File does not exist: /var/www/admin
[error] [client 58.60.146.34] File does not exist: /var/www/admin
[error] [client 58.60.146.34] File does not exist: /var/www/db
[error] [client 58.60.146.34] File does not exist: /var/www/dbadmin
[error] [client 58.60.146.34] File does not exist: /var/www/myadmin
[error] [client 58.60.146.34] File does not exist: /var/www/mysql-admin
[error] [client 58.60.146.34] File does not exist: /var/www/mysql
[error] [client 58.60.146.34] File does not exist: /var/www/mysqladmin
[error] [client 58.60.146.34] File does not exist: /var/www/mysqlmanager
[error] [client 58.60.146.34] File does not exist: /var/www/p
[error] [client 58.60.146.34] File does not exist: /var/www/pHpMy
[error] [client 58.60.146.34] File does not exist: /var/www/pHpMyAdMiN
[error] [client 58.60.146.34] File does not exist: /var/www/php-my-admin
[error] [client 58.60.146.34] File does not exist: /var/www/php-myadmin
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyA
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmi
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.10.0
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.11.1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.11.10
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.11.2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.11.3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.11.4
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.11.5
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.11.6
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.11.7
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.11.8
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.11.9
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.2.3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.2.6
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.3.0
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.3.1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.3.2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.3.3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.3.4
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.3.5
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.3.6
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.3.7
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.3.8
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.3.9
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.4.0
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.4.1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.4.2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.4.3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.4.4
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.4.5
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.4.6
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.4.7
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.4.8
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.4.9
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.0
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.4
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.5-pl1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.5-rc1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.5-rc2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.5
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.6-rc1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.6-rc2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.6
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.7-pl1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.7
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.8
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.5.9
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.0-alpha
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.0-alpha2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.0-beta1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.0-beta2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.0-pl1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.0-pl2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.0-pl3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.0-rc1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.0-rc2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.0-rc3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.0
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.1-pl1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.1-pl2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.1-pl3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.1-rc1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.1-rc2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.2-beta1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.2-pl1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.2-rc1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.3-pl1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.3-rc1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.4-pl1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.4-pl2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.4-pl3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.4-pl4
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.4-rc1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.4
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.5
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.6
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.7
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.8
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.6.9
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.0-beta1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.0-pl1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.0-pl2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.0-rc1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.0
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.4
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.5
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.6
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.7
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.8
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.7.9
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.0-beta1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.0-rc1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.0-rc2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.0.1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.0.2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.0.3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.0.4
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.0
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.1-rc1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.4
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.5
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.6
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.7
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.8
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.8.9
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.9.1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2.9.2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-3
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin-4
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin1
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAdmin2
[error] [client 58.60.146.34] File does not exist: /var/www/phpMyAds
[error] [client 58.60.146.34] File does not exist: /var/www/phpm
[error] [client 58.60.146.34] File does not exist: /var/www/phpmanager
[error] [client 58.60.146.34] File does not exist: /var/www/phpmy-admin
[error] [client 58.60.146.34] File does not exist: /var/www/phpmy
[error] [client 58.60.146.34] File does not exist: /var/www/phpmyad-sys
[error] [client 58.60.146.34] File does not exist: /var/www/phpmyad
[error] [client 58.60.146.34] File does not exist: /var/www/phpmyadmin
[error] [client 58.60.146.34] File does not exist: /var/www/phpmyadmin2
[error] [client 58.60.146.34] File does not exist: /var/www/pma
[error] [client 58.60.146.34] File does not exist: /var/www/pma2005
[error] [client 58.60.146.34] script '/var/www/scripts/setup.php' not found or unable to stat
[error] [client 58.60.146.34] File does not exist: /var/www/sqladmin
[error] [client 58.60.146.34] File does not exist: /var/www/sqlmanager
[error] [client 58.60.146.34] File does not exist: /var/www/sqlweb
[error] [client 58.60.146.34] File does not exist: /var/www/vhcs2
[error] [client 58.60.146.34] File does not exist: /var/www/web
[error] [client 58.60.146.34] File does not exist: /var/www/webadmin
[error] [client 58.60.146.34] File does not exist: /var/www/webdb
[error] [client 58.60.146.34] File does not exist: /var/www/websql
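
A minimal version of the "log processor" from tip 3, written for the error-log format shown above. This is an added example, not code from my server setup; the function name, the hint list, the threshold and the sample log lines are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Matches the two error-log shapes shown in the post; any timestamp prefix is ignored.
LINE_RE = re.compile(
    r"\[error\] \[client (?P<ip>[0-9a-fA-F.:]+)\] "
    r"(?:File does not exist: (?P<file>\S+)"
    r"|script '(?P<script>[^']+)' not found or unable to stat)"
)
# Assumed starter list of substrings typical of admin-tool probing; tune for your site.
ADMIN_HINTS = ("phpmyadmin", "pma", "sql", "admin", "setup.php")

def flag_scanners(lines, min_distinct=5, docroot="/var/www"):
    """Return {client_ip: sorted missing paths} for clients that look like scanners.

    A client is flagged when it asked for at least `min_distinct` different
    nonexistent paths and at least one of them looks like an admin tool.
    """
    misses = defaultdict(set)
    for line in lines:
        # Blog software often turns the log's straight quotes into curly ones.
        m = LINE_RE.search(line.replace("\u2018", "'").replace("\u2019", "'"))
        if not m:
            continue  # unrelated log entry
        path = m.group("file") or m.group("script")
        if path.startswith(docroot):
            path = path[len(docroot):] or "/"
        misses[m.group("ip")].add(path)  # a set, so repeated hits count once
    flagged = {}
    for ip, paths in misses.items():
        admin_probe = any(h in p.lower() for p in paths for h in ADMIN_HINTS)
        if len(paths) >= min_distinct and admin_probe:
            flagged[ip] = sorted(paths)
    return flagged

# Constructed sample (documentation IP ranges): 192.0.2.10 sweeps for admin tools,
# 198.51.100.7 follows one dead link, 203.0.113.5 keeps asking for a missing favicon.
SAMPLE_LOG = """\
[error] [client 192.0.2.10] File does not exist: /var/www/PMA
[error] [client 192.0.2.10] File does not exist: /var/www/admin
[error] [client 192.0.2.10] File does not exist: /var/www/admin
[error] [client 198.51.100.7] File does not exist: /var/www/old-page.html
[error] [client 192.0.2.10] File does not exist: /var/www/dbadmin
[error] [client 203.0.113.5] File does not exist: /var/www/favicon.ico
[error] [client 192.0.2.10] File does not exist: /var/www/mysql
[error] [client 203.0.113.5] File does not exist: /var/www/favicon.ico
[error] [client 192.0.2.10] File does not exist: /var/www/phpMyAdmin-2.11.1
[error] [client 192.0.2.10] script '/var/www/scripts/setup.php' not found or unable to stat
"""

if __name__ == "__main__":
    for ip, paths in flag_scanners(SAMPLE_LOG.splitlines()).items():
        print(f"{ip}: {len(paths)} distinct missing paths, e.g. {paths[:3]}")
```

Counting distinct paths rather than raw errors keeps a visitor who reloads one broken link from being flagged, while a sweep like the one above stands out immediately.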


I'm a 34 year old UIUC Computer Engineer building mobile apps, websites and hardware integrations with an interest in 3D printing, biotechnology and Arduinos.
