Beware of this IP Address!

208.249.136.180

I found this in my error logs:

[Fri Sep 21 22:22:24 2012] [error] [client 208.249.136.180] File does not exist: /home/xxxx/public_html/phpmyadmin, referer: http://xxxxx/phpmyadmin/scripts/setup.php
[Fri Sep 21 22:22:24 2012] [error] [client 208.249.136.180] script '/usr/share/phpMyAdmin/scripts/setup.php' not found or unable to stat, referer: http://xxxx/phpMyAdmin/scripts/setup.php

Googling, I found this page:

http://www.bizimbal.com/odb/details.html?id=1200613

It looks like someone was trying to get into phpMyAdmin, so beware, and watch your error and access logs!

I added this to .htaccess to block them:

order allow,deny
deny from 208.249.136.180
allow from all

I'm also looking into fail2ban, has anyone installed this?

http://www.fail2ban.org/wiki/index.php/Main_Page

Found another one up to the same no good:

89.135.124.125

I am using fail2ban on my system.

When you install it, it will SCARE you!

I have a private server on my own network and I get 100+ emails a day where IP's are attempting brute force method one way or another.

The day after I installed fail2ban, I changed EVERY system password to 16 characters, 4 numbers and 4 upper case characters.

Unfortunately since they are RANDOM character passwords, I have to keep that list in a text file in my drop box.

Luckily I keep my phone secure, and my notebook secure, so unless I am forced to reveal those passwords at gunpoint, I feel pretty safe about it.

But, IF you have your own server I totally recommend FAIL2BAN!

Working on the server is something I don't like, I've pretty much taught myself everything about SEO, web design, server maintanence, etc.... I've built hundreds of sites, but working on a server is something I don't like to do, considering I have dozens of domains on my vps, and could bring them all down with one wrong move. I know, I've done it! lol