Yes, that is an attack. This is what the string looks like using this online decoder: http://meyerweb.com/eric/tools/dencoder/
-d allow_url_include=on -d safe_mode=off -d suhosin.simulation=on -d disable_functions="" -d open_basedir=none -d auto_prepend_file=php://input -d cgi.force_redirect=0 -d cgi.redirect_status_env=0 -n
The HTTP Status Response code is 500 meaning that the attack failed with a 500 Internal Server Error. It is possible, but not very likely, that that 500 error is causing some sort of chain reaction with your caching plugin resulting in a redirect problem – very unlikely, but might be possible.
As long as your PHP server version is at least 5.3 then that attack will fail. See this link for more info: http://security.stackexchange.com/questions/46566/protect-against-post-cgi-bin-php-attacks
- This reply was modified 1 day ago by AITpro Admin.
- This reply was modified 23 hours, 49 minutes ago by AITpro Admin.