Possible Backdoor?


#1

I found a site hotlinking to one of my images. I contacted Hostgator support because I am using the cPanel hotlink protection. They directed me to add a particular line to .htaccess to deny that IP. It didn’t stop the hotlinking. After relaying this info to Hostgator, they replied with this:

“The requests are coming from a number of other IP addresses, so it seems that our initial diagnosis was incorrect. The common threads for the requests is that many (not all) come via google.com in some way (possibly the image search), and that they ALL come via your Piwik suite. The suite is password-protected, but it seems that there may be some back doors that we are unaware of, that are allowing access to this image. Would it be possible to put a limit for piwik access to a specific address or range of addresses, so you could still see your stats, but others can not exploit the back door?”

So, I would like to know if there is a place in Piwik that I can do what they ask?

Keep in mind I am not an expert on these things, but can work well with specific directions. :)

Thanks,

Mark


(Matthieu Aubry) #2

“The common threads for the requests is that many (not all) come via google.com in some way (possibly the image search), and that they ALL come via your Piwik suite”

Sorry, but that sentence does not make sense to me. Can you please ask him to explain what he means?


(vipsoft) #3

Piwik can’t track resource files that are served directly by Apache.


#4

I’ll see if I can get an explanation out of Hostgator…

If that was meant for me, I have no idea what it means, unless you’re saying that Piwik can’t track the image file that is being hotlinked?


(Matthieu Aubry) #5

You can actually now track these if you are ready to analyze your server logs: Log Analytics - Analytics Platform - Matomo (NEW feature!)
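Hostgator's reply says the requests come from a number of IP addresses, so a deny rule for a single IP does not cover them; the server access log shows which referring pages they share. As an added example (not part of the original thread; the log lines, host names and the `hotlink_summary` helper are constructed for illustration), this Python script groups image requests in an Apache combined-format log by off-site Referer host:

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Apache "combined" format: ip ident user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)
IMAGE_EXT = (".jpg", ".jpeg", ".png", ".gif", ".webp")

# Constructed sample lines (documentation IP ranges, hypothetical hosts).
SAMPLE_LOG = """\
192.0.2.10 - - [10/Oct/2012:13:55:36 +0000] "GET /images/photo.jpg HTTP/1.1" 200 51200 "http://forum.example.net/thread/42" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2012:13:56:01 +0000] "GET /images/photo.jpg HTTP/1.1" 200 51200 "http://forum.example.net/thread/42" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2012:13:57:12 +0000] "GET /images/photo.jpg HTTP/1.1" 200 51200 "http://www.google.com/imgres?q=photo" "Mozilla/5.0"
192.0.2.44 - - [10/Oct/2012:13:58:40 +0000] "GET /images/photo.jpg HTTP/1.1" 200 51200 "http://www.example.com/gallery.html" "Mozilla/5.0"
192.0.2.45 - - [10/Oct/2012:13:59:02 +0000] "GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/5.0"
""".splitlines()

def hotlink_summary(lines, own_hosts):
    """Map each off-site referer host to {'hits': n, 'ips': set} for image requests."""
    own = {h.lower() for h in own_hosts}
    summary = defaultdict(lambda: {"hits": 0, "ips": set()})
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a combined-format line
        if not urlsplit(m["path"]).path.lower().endswith(IMAGE_EXT):
            continue  # only image files are of interest here
        host = (urlsplit(m["referer"]).hostname or "").lower()
        if not host or host in own:
            continue  # empty referer ("-") or one of our own pages
        summary[host]["hits"] += 1
        summary[host]["ips"].add(m["ip"])
    return dict(summary)

if __name__ == "__main__":
    report = hotlink_summary(SAMPLE_LOG, {"example.com", "www.example.com"})
    for host, data in sorted(report.items(), key=lambda kv: -kv[1]["hits"]):
        print(f"{host}: {data['hits']} hits from {len(data['ips'])} distinct IPs")
```

A referer host that appears with many distinct client IPs is one to handle by Referer (as cPanel hotlink protection does) rather than by client address.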


#6

Thanks, but it’s something else I’d have to learn first, and right now I just don’t have the time. Still waiting on an answer from Hostgator.