Has anyone ever seen the below error in a site running on Concrete CMS ?
This is from the apache error log file
[Thu Jan 31 08:06:51 2013] [error] [client 41.56.88.53] File does not exist: /va
r/www/\r\n SomeCustomInjectedHeader:injected_by_wvs, referer: http://www.mysite.com:80/ [Thu Jan 31 08:06:51 2013] [error] [client 41.56.88.53] File does not exist: /va r/www/\n SomeCustomInjectedHeader:injected_by_wvs, referer: http://www.mysite.com
Looks like some kind of injected file. Does anyone have any idea how I can find what is causing those entries in the error logs?
That has nothing to do with concrete5. It's a scan from an external source, looking for some sort of vulnerability.
This could be good (some hosting providers might do it to make sure you're not going to get hacked) or bad (someone looking for a machine to attack). But bad is relative. It's like returning to your car and seeing that someone touched your door handle.... If you watch your logs, you'll see plenty of blind attacks like this.