I quite frequently see logentries like this:
Processing MenuController#menu (for 81.18.246.182 at 2010-09-29 21:06:22) [GET] Parameters: {"anything"=>["phpMyAdmin", "config", "config.inc.php"], "p"=>"phpinfo()"} Redirected to http://85.214.197.248/authentication/login Filter chain halted as [#<Proc:0xb74c7784@/home/xxx/yyy.de/releases/20100929164559/vendor/rails/actionpack/lib/action_controller/verification.rb:82>] rendered_or_redirected. Completed in 1ms (DB: 0) | 302 Found [http://85.214.197.248/phpMyAdmin/config/config.inc.php?p=phpinfo();]
Obviously these guys try to find some weakness in my server. They very often retry a list of login attempts to get some successful login sending Parameters like this: {"anything"=>["phpMyAdmin"]} {"anything"=>["phpmyadmin","config","config.inc.php"],"p"=>"phpinfo()"} {"anything"=>["pma","config","config.inc.php"], "p"=>"phpinfo()"} {"anything"=>["admin","config","config.inc.php"],"p"=>"phpinfo()"} {"anything"=>["dbadmin","config","config.inc.php"],"p"=>"phpinfo()"} {"anything"=>["mysql","config","config.inc.php"],"p"=>"phpinfo()"} {"anything"=>["php-my-admin","config","config.inc.php"],"p"=>"phpinfo()"} {"anything"=>["myadmin","config","config.inc.php"],"p"=>"phpinfo()"} {"anything"=>["PHPMYADMIN","config","config.inc.php"],"p"=>"phpinfo()"} {"anything"=>["phpMyAdmin","config","config.inc.php"],"p"=>"phpinfo()"} {"anything"=>["p","m","a","config","config.inc.php"],"p"=>"phpinfo()"}
What's the best way to process these hacking attempts?