Firefox Miami Style?

Part of run­ning an actu­al serv­er (as opposed to shared web host­ing) is actu­al­ly being con­cerned about secu­ri­ty. I reg­u­lar­ly keep an eye on my access logs and the like, and I don’t usu­al­ly find that much to wor­ry about — I just keep ipt­a­bles, and a few oth­er tools, with­in reach.

But this par­tic­u­lar user-agent string show up in vis­its from time to time (bots, I’m guess­ing)… what the hell is Fire­fox Mia­mi Style?

An exam­ple:

37.9.53.64 - - [26/Dec/2013:13:34:39 -0500] "POST /wp-login.php/wp-login.php HTTP/1.1" 200 10956 "writegeek.com/wp-login.php/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:21.0) Gecko/20100101 Firefox/21.0 USA\\Miami Style"

Try­ing to POST to a nonex­is­tent URL? That’s clas­sic Mia­mi style, if I’ve ever seen it.

3 thoughts on “Firefox Miami Style?”

  1. I am cur­rent­ly run­ning a web­site for a neigh­bor­hood and I too noticed many failed attempts to access the admin sec­tion of the site…

    Mozilla/5.0 (Win­dows NT 6.1; rv:21.0) Gecko/20100101 Firefox/21.0 USA\Miami Style 

    Not sure what it is yet but I’m looking.

  2. Just encoun­tered this one myself, same as Joe described last year — attempt­ing brute force password-guessing to login as Admin/Administrator/etc.

Leave a Reply to Claw Cancel reply

Your email address will not be published. Required fields are marked *