Just a heads up to those running web servers, May want to check logs for last day or two as there have been a number of attacks in the past few days (may be all days and they just got to me...) Look for attempts with: /index.php?s=/module/action/param1/${@die(sha1(xyzt))} /index.php/module/action/param1/${@die(sha1(xyzt))} /index.php?s=/Index/x5Cthinkx5Capp/invokefunction&function=call_user_func_array&vars[0]=sha1&vars[1][]=xyzt Which I'm still working to totally understand, but it is apparently an attempt to provide GET code to enable compromising your site. As usual RIPE is the prime candidate, with attacks coming from 54.38.81.0/24 54.196.169.0/24 Just something to keep an eye on. -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org