Regarding the /wp-content/uploads/ attack, we used Make to automate article writing, and also used Make to automate image acquisition and upload it to the WordPress website.
We use Make to automatically upload an average of 120 images per day.
However, our website host often receives reports of attacks. The following is the attack information provided by the host:
Possibly
You may need to contact the make customer service for details.
log file
uploads directory listing files
Matched "Operator Rx' with parameter /wp-conte…
Fill in the complete log
uploads directory listing files
Matched "Operator Rx' with parameter /wp-content/uploads/$’ against variable REQUEST_URI' (Value: /wp-content/uploads/’ )
This is normal internet behaviour, and has nothing to do with Make.
Basically, there are script kiddies on the internet who deploy penetration software to find and attempt to hack Wordpress websites.
To prevent a security compromise, you are expected to install, configure, and manage security plugins or firewalls on your web server, or use a DNS-based medium like Cloudflare (which is easier to use).
Hope this helps! Let me know if there are any further questions or issues.
Regarding the /wp-content/uploads/ attack, could it be that we use Make to automate article writing, and use Make to automate image acquisition and automatically upload it to the WordPress website?
Our Make automation automatically uploads an average of 120 images every day, and Mr. Cheng also manually uploads 100 to 150 images every day.
Hello Make official, I just tested it and found that the IP was locked by the hosting company. I found that the problem may be caused by the broken images in the WordPress article editor:
The problem may be in the image code. The following is the image HTML format when I insert the image into the WordPress article. This may be the cause of the problem:
Description of the host:
This code is considered a backdoor program.
Simply put
/wp-content/uploads/ itself has no protection mechanism.
Upload any data from outside
This code will cause our IP
Keep getting the /wp-content/uploads/ directory and upload the image
It will cause the server to list all files in the directory, leading to information leakage and injection of malicious code.
This is not allowed
And the frequency is too dense
Up to 20-30 movements per second
Question: How can I fix the code to solve this problem?
You can also use the Hire a Pro category to request for private 1-to-1 assistance via video call/screenshare/private messaging/etc. This may help you get your issue resolved faster especially if it is urgent or contain sensitive information. It is important to post your request in the Hire a Pro category, as forum members are not allowed to advertise their services in other categories like here (even if it’s free/unpaid). Posting in the Hire a Pro category will allow other members to assist you over other forms of communication.
Alternatively, you can contact Make Support.
Directly contacting support can often lead to a faster resolution. Make support has access to your specific account details, scenario and scenario logs, server-side logs, and internal tools and resources, which allows them to investigate more thoroughly than what you have access to. Additionally, sharing potentially sensitive information about your account, scenario variables, and output bundles might not be advisable as it is a public forum.
You can open a new ticket here, or if you are unable to login for some reason, you can create another new free Make account to access the ticketing system (which is only available to logged-in users). After submitting a new ticket, you will receive an automatic confirmation email with the subject “Ticket Created” in the subject. If you do not receive this, try sending the ticket again.
If you manage to get your issue resolved with support, we’d still love to hear about it! Sharing your solution on the forum can help others facing similar problems.
Hope this helps! Let me know if there are any further questions or issues.
