© 2020 Cirrus Design Studio LTD
UK Reg 11833982
Tel 01202 683 623
The Internet is a 24/7 service - it never sleeps and neither does the traffic to your website.
The majority of traffic is harmless robots or spiders sent out to take a look at your website from search engines and indexing services. They are there to track and gather changes to your website pages and report them back to high command for including, promotion or demotion in their various search databases.
Some of these spiders are send out by annoying marketing agencies and they seek to find un-protected online forms that they can SPAM by auto filling with content and submitting them to the website owner. They are little more than annoying and easily remedied by various anti-spam measures either coded in or one fo the many excellent services like CAPTCHA and so forth.
Many of these visitors can be tracked but not usually by Google as the powerful engines tend to differentiate between a robot spider and a genuine visitor.
Over the years many and various annoying things crept into your analytics but fortunately Google has met them with changes to the way they gather data and they have quietened down - for now!
If Google changes the other engines tend to follow suit as many use the powerful search indexes of the Google bot in their own rankings.
Well, in this case, it's not a creepy arachnid but simply a piece of code the trawls the internet (a giant web hence web site) like a spider seeking prey - your website - so in the nerd world we say SPIDER. It's that easy :)
The good code, Google search bots, are very welcome but there are also the bad codes. The aforementioned SPAMMERS are one thing but after dark there are sinister goings on!
Many hackers spend their time trying to penetrate websites to steal data or vandalise them. These annoying individuals comes in all shapes and sizes from have a go school children to full on hacking organisations like Cult of the Dead Cow. The latter specialise in tapping large agencies so unlikely to worry about the majority of websites out there.
Most of the time you never know they've been but of late we at Cirrus Design Studio have started monitoring unknown traffic to see who's snooping and one of two things have popped up - obvious hacker activity!
The screen shot here shows two highlighted areas of specific interest - the first "acatalog Sandwiches.html" is an attempt to see if our backend code is preventing cross site scripting. It is also an attempt to read if our site prevents simple "in address bar hacks".
The second is a bit more of a worry - "wp-config.php.backup" - this particular one is someone attempting to find WORDPRESS vulnerabilities.
Of course the problem here for the hacker is we don't use Wordpress or any off the shelf kit!
So there you go - what happens after dark!
Please feel free to share this story