in

Jorgee Malware gives sleepless nights to many. Here’s how to deal with it

Virus Attack

So if you are running a website and receiving weird 404 error pages because of Jorgee Malware. And you notice that all these are referring to something like “Jorgee” or “Mozilla/5.0 Jorgee “, then you are probably the victim of a Jorgee Malware.

We live in a world where we have to keep up with the ever changing world. To err is human, so we created bots. And now bots are everywhere and probably out of control. They are scanning our systems for vulnerability and how to attack our sites. In other words, Frankenstein’s monster has come to haunt us.

404 Error you get
/2phpmyadmin/ /MyAdmin/ /PMA/ /PMA2011/ /PMA2012/ /admin/ /admin/db/ /admin/pMA/ /admin/phpMyAdmin/ /admin/phpmyadmin/ /admin/sqladmin/ /admin/sysadmin/ /admin/web/ /administrator/PMA/ /administrator/admin/ /administrator/db/ /administrator/phpMyAdmin/ /administrator/phpmyadmin/ /administrator/pma/ /administrator/web/ /database/ /db/ /db/db-admin/ /db/dbadmin/ /db/dbweb/ /db/myadmin/ /db/phpMyAdmin-3/ /db/phpMyAdmin/ /db/phpMyAdmin3/ /db/phpmyadmin/ /db/phpmyadmin3/ /db/webadmin/ /db/webdb/ /db/websql/ /dbadmin/ /myadmin/ /mysql-admin/ /mysql/ /mysql/admin/ /mysql/db/ /mysql/dbadmin/ /mysql/mysqlmanager/ /mysql/pMA/ /mysql/pma/ /mysql/sqlmanager/ /mysql/web/ /mysqladmin/ /mysqlmanager/ /php-my-admin/ /php-myadmin/ /phpMyAdmin-3/ /phpMyAdmin/ /phpMyAdmin2/ /phpMyAdmin3/ /phpMyAdmin4/ /phpMyadmin/ /phpmanager/ /phpmy-admin/ /phpmy/ /phpmyAdmin/ /phpmyadmin/ /phpmyadmin2/ /phpmyadmin3/ /phpmyadmin4/ /phppma/ /pma/ /pma2011/ /pma2012/ /program/ /shopdb/ /sql/myadmin/ /sql/php-myadmin/ /sql/phpMyAdmin/ /sql/phpMyAdmin2/ /sql/phpmanager/ /sql/phpmy-admin/ /sql/phpmyadmin2/ /sql/sql-admin/ /sql/sql/ /sql/sqladmin/ /sql/sqlweb/ /sql/webadmin/ /sql/webdb/ /sql/websql/ /sqlmanager/

404 error pages are not good for you because they eat up your organic traffic which in turn will lead to bad user experience just because of high 404 requests.

Jorgee is a scan bot which gathers information from your server and the request for information from Jorgee originates from unique IP addresses, which makes it quite hard to track Jorgee. But the point is that you don’t want this malware scanning your website and creating random 404 request from random IP’s.

To solve this issue on WordPress site or any site running Apache server, just locate your .htaccess file and including following lines:

# Block malware user agents
<IfModule mod_rewrite.c>
RewriteCond %{HTTP_USER_AGENT} ^.*(jorgee|morfeus|other).* [NC]
RewriteRule ^(.*)$ – [L,R=403]
</IfModule>

So when the bot scans, it would get an 403 error (i.e. Forbidden access) and will not go further to access the php applications and thankfully no random 404 errors either. The only bots we love should be from search engines like Google or Bing and rest should be stopped.


 

Written by Moonshot

This guy is fascinated by Technology and Outer space.

ufo Yakutia russia footage

This UFO sighting in Russia is scaring people all around the world

.htaccess file ftp

Where to find your .htaccess file and how to edit it