Todd wrote: >> Also avoid having phpMyAdmin off the main web directory. Ordinary users >> > don't need access and should never have access to it. Hide it away >> > somewhere and create a virtual Apache host to use it with a >> non-standard >> > port number. Make it hard for the hackers and spoilers to find it. >> >> Um, no. The answer is yum remove phpMyAdmin on a production system. As I >> read the logs for all our servers, and a number are world-visible >> websites, I can't tell you the number of times I've seen probes looking >> for that. > > I don't run PHPMyAdmin, I connect to my MySQL over SSH and obviously run > SSH on an alternative port and don't allow root log-ins. > > But I do have some fun with those that try and snoop for URL's like > /Php-my-admin, /p/m/a, /admin, /sqlweb, etc, etc. If I see something new > show up, I add it. I redirect them through ReWrite rules to a RewriteRule > .* > http://%{REMOTE_ADDR}%{REQUEST_URI} [L,R=301,QSA] Hmmm... what's that do? The thought that comes to mind is to redirect them to a known malware site, or some site that you consider to have the most obnoxious set of popups/popunders/driftons (preferably all at the same time), or maybe a pr0n site.... mark "and I think you should deposit at least 1% of that $25M US in this bank account I'll set up...."