j debert a écrit :
> it seems that roundcube is popular.
>
> It seems to be most popular among bots as well, according to what my
> apache logs say. I don't have roundcube but there are frequent
> attempts to get to php scripts down in the roundcube directories. I'd
> probably see orders of magnitude more if it weren't for fail2ban. I
> wonder what it is that makes it so popular?
>
you mean things like
GET /roundcube-0.2//bin/msgimport
GET /round//bin/msgimport
..
they're looking for old versions.. See
http://asert.arbornetworks.com/2009/01/roundcube-webmail-scanning/
http://stateofsecurity.com/?p=550
Funnily enough, they don't try SSL. (note that enforcing SSL for any
web mail application is a good practice)
