Centrora Security™
[resolved] LOTS of alerts! (4 posts)

  1. cherylcope
    Posted 3 years ago #

    Should I be concerned about these? I am getting over a 100 per day of attacks reported to my email. This one is common:TYPE: Found Malicious User Agent
    DETECTED ATTACK VALUE: python-requests/1.1.0 CPython/2.7.3 Linux/3.2.0-31-virtual
    ACTION: Blocked
    LOGTIME: 2013-07-04 04:31:43
    FROM IP: http://whois.domaintools.com/
    URI: http://www.cherylcope.com/robots.txt
    USERAGENT: python-requests/1.1.0 CPython/2.7.3 Linux/3.2.0-31-virtual

    I don't have a page named "robots". I tried to search for it on my host side files but couldn't find it. Should I be doing something to clean up my site or what?


  2. mikeotgaar
    Posted 2 years ago #

    This thread is related http://wordpress.org/support/topic/found-malicious-user-agent
    Robots: You have a VIRTUAL robots.txt created by WordPress when requested, which is why you can't find it server side.

    The virtual robots.txt is very basic however - here's the content

    User-agent: *
    Disallow: /wp-admin/
    Disallow: /wp-includes/
    Sitemap: http://www.cherylcope.com/sitemap.xml.gz

    I always upload a custom physical robots.txt file for WordPress to the root folder. Here's a basic guide to upload the file to your site. There's also a basic robots.txt file for WordPress you can download and use at that link

    Robots.txt is there to tell web spiders what they should not crawl / what they may crawl. Bots that don't read this file before crawling the site, or crawl disallowed files and folders are known as rule breakers.

    "Should I be doing something to clean up my site"

    OSE Firewall is stopping external requests. Looks like it's doing it's job :)
    Requests for odd looking files you don't have may be hacker bots or hackers looking for vulnerabilities - If those files don't exist, your site is probably OK. Or could be backlinks with typing errors...
    If in doubt, use a malware/vulnerability scan plugin to check, or get a security specialist to examine the site.

  3. osexcel
    Plugin Author

    Posted 2 years ago #

    Hi Mike

    We see that your website is showing a 403 error, please double check it, if this is caused by OSE Firewall, please send us a ticket here:


    Best wishes
    ProWeb Team

  4. mikeotgaar
    Posted 2 years ago #

    It was probably while I was doing some work on the site. Should be OK now
    Thanks for Heads-up

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Centrora Security™
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic


No tags yet.