If you find something like that in your logfiles:
Your Server is a victim of a http-Inject attack.
you may find out that the above url points to a page containing this:
What's going on ?
A Zombie network tries to add your Server as a new Zombie for whatever reason. It works like this: In PHP, you may include external files from the internet using e.g. include 'http://www.example.com/file.php'; As soon as you (or your Content-Management System) uses this together with special URL's, You run into the following problem: If 'someone' types an URL like e.g. http://www.example.com/page.php?URL=http%3A%2F%2Fwww.xxx.com/....bad_page.php the code from www.xxx.com/....bad_page.php is executed on YOUR Server. the Result of <?php echo md5("just_a_test"); ?> is "c6db3524fe71d6c576098805a07e79e4"
So What ?
If 'someone' is not a Person, but a Zombie Computer, it will check out all possible cases to create an access on the just_a_test page. The MD5-Sum c6db3524fe71d6c576098805a07e79e4 apears now somewhere on your page, and the Zombie knows that your Server accepts external PHP scripts.
What to do ?
If you do not use 'http:' within your URL's Query_String you may simply add the following code at the beginning of all of your PHP-Files:
your script is able to load external pages, it just gives back an empty Page
As an alternative, if you are able to change your .htaccess file, you may create a rewrite rule 403 FORBIDDEN there:
For RewriteEngine on IIS Servers, try google or wikipedia
Warn other Webmasters with a Link to this Page: