Autoptimize being attacked?

  • Resolved oschicus

    (@oschicus)


    7 years, 7 months ago

    Dear Frank,

    I just wanted to let you know that sucuri ha blocked this attack which seems to go to Autoptimize:

    Request Summary

    Blocking Reason:MET043 – HTTP method not allowed
    Resource Path:WhitelistBlacklist/wp-content/cache/autoptimize/css/
    IP Address:WhitelistBlacklist79.232.208.123
    Reverse IP:p4FE8D07B.dip0.t-ipconnect.de
    Request Method:OPTIONS
    HTTP Protocol:HTTP/1.0
    HTTP Status:403
    HTTP Referer:(no referer)
    HTTP User-Agent:Microsoft Office Protocol Discovery
    Date/Time (GMT):29/Jul/2017:07:04:10 -0400

    Please check this out, and if you have to sort something, do it as soon as possible.

    I llove your plugin, and I don’t want that the same to be attaccked..

    THANKS,

    oSCAR

Viewing 1 replies (of 1 total)
  • Plugin Author Optimizing Matters

    (@optimizingmatters)

    As far as I can see nothing to worry about:
    * most webservers have OPTIONS off anyhow
    * OPTIONS is not used or honored by AO at all
    * autoptimize cache-files by default are static, so there’s nothing to attack there (all is handled by the webserver, no PHP-code active in wp-content/cache/autoptimize)

    hope this clarifies,
    frank

Viewing 1 replies (of 1 total)
  • The topic ‘Autoptimize being attacked?’ is closed to new replies.