SQL Injection Part II
Either the has stopped for the moment or the solution I found is working, as I have not had any more instances show up in my log for Wordpress since I added his code to my .htaccess file. The very talented person at that website provides a detailed explanation for every line in that file so I won’t post it here. If your server is under attack - even if your’s is a server the attack is sucking up your bandwidth and resources, you should use or adapt this for your server. There was one line I had to remove
RewriteCond %{QUERY_STRING} ^.*\.[A-Za-z0-9].* [NC,OR]
as it caused a problem with WordPress and one line I modified
RewriteRule ^(.*)$ access_log.php
replacing the access_log.php with 403.shmtl to send any failed requests to my 403 page.
