Menu
Recently, I've been receiving tons of entries for "/mobiquo/mobiquo.php" in my server logs. However, my site does not use PHP and never has had a file with that name. Does anyone know what "mobiquo" is or why someone whould attempt to access "/mobiquo/mobiquo.php"?
803
It is very likely that you have visitors using the Tapatalk Notifier Chrome Extension. I don't put a link here because its behaviour seems a bit hazardous, but you can find it on Google .
Apparently it blindly tries to POST "/mobiquo/mobiquo.php" on every web page you visit with Chrome to see if it is a tapatalk compatible forum. When it is the case it can retrieve new messages and show a notification.
We've just had the same kind of log on our Ruby on Rails application. As a result, the visitor was instantly disconnected from our site, because of a Rails protection against AJAX queries which are not issued by the website itself (potential XSS attacks).
66
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
