Why Watch Server Stats?
There are tons of reasons to pay attention to your server stats, but today’s favorite is this:
Your server stats can alert you the myriad ways that bad people are trying to hack into your site and use it for their own purposes. Today’s example comes right out of my server statistics Failed Requests section.
Click image for legible version of the failure report.
My report shows multiple failed attempts to get two files, wordtube-button.php and wptable-button.php, by trolling through multiple plugin directories. It didn’t take long in the search engines to find that both files come from WordPress plugins by the same developer. I found that in older versions of his wordTube and wp-Table plugins, input passed to these two php files is not properly verified before being used to include files. New versions of these plugins that close this little security flaw are now available. So hackers are out there randomly hunting for people who have older versions of these plugins installed to exploit them and distribute who knows what.
I don’t even have these plugins installed! But that fact, plus the briefest scrutiny of what directories the failed requests were coming from was enough to spot the pattern and make me go “hmmmmm.”
Now if only there were a plugin that allowed me to send the people hunting for this exploit to hell, I’d be all set.
Watch your server stats, friends. There’s an awful lot of useful stuff in there. The Failed Reports section is often a great indicator of thwarted hacks and other funny business.
September 3rd, 2007 at 5:30 pm
Hi cheryl….you are very computer savy!!Thanks for sharing how to navigate your blog….wow…I had no idea you could do this with stats…..just need to figure out how to get it on my blog/computer!! Thanks for sharing!
Neva
November 9th, 2007 at 8:00 am
[...] reading Why Watch Server Stats? it appears that this person is trying to do the same thing on our [...]