We have an ongoing problem where botnets are doing direct 'GET's to vBulletin's "register.php". It appears that they are somehow using it to send out email.
We are at the current vB 3.x level: 3.8.6 PL1.
The only way that we've found to stop it is to rename or remove "register.php". When we do that then the hits start getting 404's and the bounced mail messages start to disappear. As soon as we put register.php back then, within minutes, it starts up again.
We need a vBulletin supported variable for the name of that file, please. We do not want to vary the code base from vB standard.
Thanks very much.
We are at the current vB 3.x level: 3.8.6 PL1.
The only way that we've found to stop it is to rename or remove "register.php". When we do that then the hits start getting 404's and the bounced mail messages start to disappear. As soon as we put register.php back then, within minutes, it starts up again.
We need a vBulletin supported variable for the name of that file, please. We do not want to vary the code base from vB standard.
Thanks very much.
Comment