Hacking attempts

[matjazp]

My site is under "attack", this are the errors:

User: ?
Error: 
Exception: SQLSTATE[42000]: Syntax error or access violation: 1059 Identifier name '/../boot.ini........................................................................................' is too long (in \wire\core\WireDatabasePDO.php line 499)

User: ?
Error: 
Exception: SQLSTATE[42000]: Syntax error or access violation: 1059 Identifier name '/../../../../../windows/win.ini.....................................................................' is too long (in \wire\core\WireDatabasePDO.php line 499) 

What to check? How to react? It's my first time :-)

[dragan]

Maybe a directory traversal attack (to install backdoors or whatnot). I would immediately contact the hosting company, and also check for suspicious files. Lock down your forms, or any other potential areas that allow user-input.

[dragan]

@matjazp did you find out what happened?

[matjazp]

I know it was a bot and I know the originating IP. I blocked IP and agent string and then it stopped. Why/how it happened is unknown. That is, I know it was GET and not POST request, I know the querystring but I wasn't able to duplicate the error.

[flydev]

Hey @matjazp

It could be possible to dig into this a bit further ? ??‍♂️

[matjazp]

I already dig and found nothing. It never happened again.