RAR files are compressed files, often used by hackers or pirates, in place of a zip file. Zip files are a convenient way to back up a website. It is possible to back up a website to a zip file using CPANEL’s file manager. I had, until a few minutes ago, several zip files on my host from when I changed hosts. These files contained all the details of site. They included the database password as part of the configuration of WordPress.
I was just hit by robot scanning several sites for a variety of RAR and ZIP files. I think they were trying to find an archive of one of my sites.
These are some of the files that were scanned for. Fortunately I did not have any of these lying around.
/2013.rar, /old.rar, /news.rar, /beifen.rar, /2.rar, /3.rar, /htdocs.rar, /ag.rar, /uploads.rar, /11.rar, /db.rar, /1.rar, /www2.rar, /com.rar, /ceshi.rar, /wwwroot.rar, /webcom.rar, /web.rar, /shujuku.rar, /www.rar, /flashfxp.rar, /\xcd\xf8\xd5\xbe.rar, /wwwroot.zip, /webcom.zip, /htdocs.zip, /111.rar
I am adding some of these to my WP Protection program. I can’t block any access of just any zip or rar because there are legitimate reasons for letting users download them. Anyone who scans for one of the files above and doesn’t find it will be added to the htaccess deny list.