Block revslider Scans

Block revslider Scans One of the most annoying, persistent scans I’ve seen in a long time are those hunting for the revslider vulnerability. In the five or so months since the exploit was discovered, many sites have been compromised. And based on what I’ve been seeing in my traffic logs, the risk is far from over. Apparently every 2-bit script kiddie and their pet hamster wants a piece of the “revslider action”. Hour after hour, week after week, month after month, hundreds and thousands of malicious URI requests such as: https://example.com/some-random-post/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php https://example.com/another-random-post/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php http://example.com/yet-another-post/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php http://example.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php These examples show revslider in the query string, but […] Read More “Block revslider Scans”