Is someone trying to hack my site?

[mrHunt]

So after viewing Report Logs for my website Ive begun to find a Significant amount of strange extensions that various ip's are trying to Log into.

These extensions would be all administrative pages, and with refrence to my site, Ones that dont actually EXIST. .....its still concerning Considering that im not aware what vunerabilities my site my Have and what it would take to find and exploit those. What do you guys think?

Ive already removed alot of links stating that my site Runs on wordpress but the footer link CANT be removed without Wrecking my whole template for some reason....

The Extensions in question are:

www.mysite.com/wp-admin/media-upload.php
/wp-cron.php
//wp-admin/admin-ajax.php
/wp-admin/async-upload.php


I backup Frequently and whatnot but im concerned that someone is looking for vunerabilities on my site with these extensions, is that it or am i just being paranoid? IM running the newest wordpress, Latest on everything and Taken every precaution i know how.

btw, my sites myhotasiangirls.net if u wanna look for yourself to see if it could be anymore secure id appreciate it!

mrHunt Reviewed by mrHunt on 31st Oct 2011. Is someone trying to hack my site? So after viewing Report Logs for my website Ive begun to find a Significant amount of strange extensions that various ip's are trying to Log into. These extensions would be all administrative pages, and with refrence to my site, Ones that dont actually EXIST. .....its still concerning Considering that im not aware what vunerabilities my site my Have and what it would take to find and exploit those. What do you guys think? Ive already removed alot of links stating that my site Runs on Rating: 5

[masterb56]

My suggestion is to ban the ip doing the scan. I'm guessing they are scanning for old versions of wordpress and/or those vulnerable plugins.

I forgot but I saw some website where they list the common php commands used by hackers - like base64_encode, exec, fopen, etc... I scanned my php files using that. It takes a while to get used to it cause some of these are actually being used by wordpress so you gotta figure out what supposed to be there and what's shouldn't.

Also check htaccess files on your server, hackers either create or modify that to upload non-php shells.

[deliteblogger]

the footer link that you cant delete is probably protected by a few lines of php code in index.php. most of the times you just have to delete/comment out those lines and voila

[mrHunt]

I figured there was Code that Searched to see if the footer code was present, The only problem is that i didnt know what PAGE it was located in,

And even if it IS in Index.php, Im not Skilled enough to Realize that thats the Code that i should delete......If you have any ideas what this code would look like id love any advice/suggestions.

thanks!