• Bakkie

    (@eeuweb)


    One of my sites i cant login. I get the message “Sorry ….., your request cannot be processed. For security reasons, it was blocked and logged. If you believe this was an error please contact the webmaster and enclose the following incident ID..”

    EDIT> I updated your plugin and tried login back in again. It seems to fixed the problem.

    I found another topic in the forum and logged in with the “.htninja” file. In the Ninjafirewall settings the whitelist is set to > add admin to whitelist (standard).

    Below is a part of the log. Do you have any clue what the reason can be?

    21/Aug/20 14:50:33  #1806165  INFO         -  212.61.19.82     POST /index.php - Sanitising user input - [HTTP_REFERER: https://www.endoscoopcamera.nl/winkel/?query_type_beelddiagonaal=or&filter_beelddiagonaal=256cm-101&query_type_beweegbare-camerakop=or&filter_beweegbare-camerakop=ja-2-richtingen%2Cja-4-...] - www.endoscoopcamera.nl
    21/Aug/20 14:59:34  #1317694  INFO         -  84.241.202.255   GET /index.php - Sanitising user input - [HTTP_REFERER: https://www.google.nl/search?sa=X&tbm=shop&sxsrf=ALeKk02yJEuGoCRkiWp61tclBGzbGtIezw%3A1598014727764&liteui=1&q=opticon+inspectiecamera&oq=opticon+inspectiecamera&aqs=mobile-gws-lite..] - www.endoscoopcamera.nl
    21/Aug/20 16:51:48  #1855980  CRITICAL  1428  51.89.204.170    GET /wp-admin/admin-ajax.php - Unauthenticated action - [GET:do_reset_wordpress = avtive] - www.endoscoopcamera.nl
    21/Aug/20 21:16:04  #3728027  HIGH       310  51.161.105.243   GET /wp-admin/admin-ajax.php - Access to a configuration file - [GET:img = ../wp-config.php] - endoscoopcamera.nl
    21/Aug/20 21:52:25  #7868015  CRITICAL  1428  54.37.160.146    GET /wp-admin/admin-ajax.php - Unauthenticated action - [GET:do_reset_wordpress = avtive] - www.endoscoopcamera.nl
    22/Aug/20 00:32:55  #5574119  MEDIUM     306  198.50.163.54    GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4325)] - endoscoopcamera.nl
    22/Aug/20 09:18:53  #8449779  MEDIUM     306  114.143.133.42   GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - endoscoopcamera.nl
    22/Aug/20 09:18:54  #3475730  MEDIUM     306  103.72.189.178   GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - endoscoopcamera.nl
    22/Aug/20 09:18:56  #7693462  MEDIUM     306  171.255.218.26   GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - endoscoopcamera.nl
    22/Aug/20 21:10:20  #8135544  INFO         -  66.249.64.105    POST /index.php - Sanitising user input - [HTTP_REFERER: https://www.endoscoopcamera.nl/winkel/?filter_highlights=accu-li-ion%2Cincl-koffer%2Cbeeldrotatie%2Czoomfunctie%2Copname-functie-geheugen%2Cgroot-display] - www.endoscoopcamera.nl
    23/Aug/20 09:17:54  #7700920  MEDIUM     306  82.137.193.15    GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - endoscoopcamera.nl
    23/Aug/20 09:18:11  #7093560  MEDIUM     306  60.169.210.250   GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - endoscoopcamera.nl
    23/Aug/20 09:33:56  #4926738  HIGH      1366  185.81.157.189   GET /wp-admin/install.php - Unauthorized file access - [SERVER:SCRIPT_NAME = /wp-admin/install.php] - endoscoopcamera.nl
    23/Aug/20 11:19:42  #1860958  MEDIUM     306  5.26.91.222      GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - endoscoopcamera.nl
    23/Aug/20 11:19:44  #2936139  MEDIUM     306  115.78.135.155   GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - endoscoopcamera.nl
    23/Aug/20 11:19:45  #8329679  MEDIUM     306  117.4.64.10      GET /index.php - Bogus user-agent signature - [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] - endoscoopcamera.nl
    23/Aug/20 20:00:50  #1522991  HIGH       310  34.93.168.133    GET /index.php - Access to a configuration file - [GET:aam-media = wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:00:50  #7840223  HIGH       310  34.93.168.133    GET /wp-admin/admin-ajax.php - Access to a configuration file - [GET:thumb = ../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:00:51  #3138721  HIGH       310  34.93.168.133    GET /wp-admin/admin-ajax.php - Access to a configuration file - [GET:file = /../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:00:52  #1614547  HIGH       310  34.93.168.133    GET /wp-admin/admin-ajax.php - Access to a configuration file - [GET:img = ../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:00:52  #4111937  HIGH       310  34.93.168.133    GET /wp-admin/admin-ajax.php - Access to a configuration file - [GET:img = ../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:00:53  #4225397  HIGH       310  34.93.168.133    GET /wp-admin/admin.php - Access to a configuration file - [GET:item = wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:00:54  #1681092  HIGH       310  34.93.168.133    GET /wp-config.php - Access to a configuration file - [SERVER:SCRIPT_NAME = /wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:11  #1154614  HIGH       310  34.93.168.133    GET /wp-config.php - Access to a configuration file - [SERVER:SCRIPT_NAME = /wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:29  #8175044  CRITICAL     1  34.93.168.133    GET /index.php - Directory traversal - [GET:file = ../../../../../../../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:30  #6482600  CRITICAL     1  34.93.168.133    GET /index.php - Directory traversal - [GET:adaptive-images-settings = ../../../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:30  #4338260  CRITICAL     1  34.93.168.133    GET /index.php - Directory traversal - [GET:file = ../../../../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:31  #8206265  CRITICAL     1  34.93.168.133    GET /index.php - Directory traversal - [GET:file = ../../../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:31  #8456304  CRITICAL     1  34.93.168.133    GET /index.php - Directory traversal - [GET:filepath = ../../../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:32  #1064570  CRITICAL     3  34.93.168.133    GET /index.php - Local file inclusion - [GET:ajax_path = /etc/passwd] - www.endoscoopcamera.nl
    23/Aug/20 20:01:33  #3805885  CRITICAL     1  34.93.168.133    GET /index.php - Directory traversal - [GET:libpath = ../../../../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:33  #4945217  CRITICAL     1  34.93.168.133    GET /index.php - Directory traversal - [GET:file = /../../../../../../etc/passwd] - www.endoscoopcamera.nl
    23/Aug/20 20:01:34  #5388606  HIGH       310  34.93.168.133    GET /index.php - Access to a configuration file - [GET:filename = wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:34  #5107190  CRITICAL     1  34.93.168.133    GET /index.php - Directory traversal - [GET:url = ../../../../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:35  #1845162  CRITICAL     1  34.93.168.133    GET /index.php - Directory traversal - [GET:file = ../../../../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:36  #2454483  CRITICAL     1  34.93.168.133    GET /index.php - Directory traversal - [GET:file = ../../../../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:36  #6218947  CRITICAL     1  34.93.168.133    GET /index.php - Directory traversal - [GET:files = ../../../../wp-config.php] - www.endoscoopcamera.nl
    23/Aug/20 20:01:37  #1729197  CRITICAL     1  34.93.168.133    GET /wp-admin/admin-post.php - Directory traversal - [GET:alg_wc_pif_download_file = ../../../../../wp-config.php] - www.endoscoopcamera.nl
    24/Aug/20 10:16:55  #1086382  CRITICAL     -  213.125.53.50    POST /index.php - BASE64-encoded injection - [POST:g-recaptcha-response = 03AGdBq24XQnfnglI6v92PLio7YAVngU2xCDU7HXpq7J951A7-IiEyzoWph1z0GuVM910Ibq2XooANL77kzTadwzcnZ6Om5Raoq9wWncCJA9AQ3bi-XwtdtZMTY5K65plky2ZdA6ihC6-XnYiKnd75vYM2QfTk10UQHRDjtft_My...] - www.endoscoopcamera.nl
    24/Aug/20 10:26:28  #7716409  CRITICAL     -  213.125.53.50    POST /index.php - BASE64-encoded injection - [POST:g-recaptcha-response = 03AGdBq24XQnfnglI6v92PLio7YAVngU2xCDU7HXpq7J951A7-IiEyzoWph1z0GuVM910Ibq2XooANL77kzTadwzcnZ6Om5Raoq9wWncCJA9AQ3bi-XwtdtZMTY5K65plky2ZdA6ihC6-XnYiKnd75vYM2QfTk10UQHRDjtft_My...] - www.endoscoopcamera.nl
    • This topic was modified 10 months ago by Bakkie.
Viewing 1 replies (of 1 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Did you try to log in using another device (smartphone, tablet etc) to make sure there’s no more problem?
    I can see the last 2 log lines mentioned “g-recaptcha-response”, it looks like there was an issue with it. Do you have Google Recaptcha on your login page?

Viewing 1 replies (of 1 total)
  • The topic ‘Blocked admin login’ is closed to new replies.