WP Injection
-
hello… i have to tell yoi i am havin problems with some domains who has WP on it… i put in here what my email says…
YOU WILL CAN MAYBE HELP…[Sat Aug 01 13:38:38 2015] [notice] Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 configured -- resuming normal operations [Sat Aug 01 13:36:41 2015] [notice] Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 configured -- resuming normal operations [Sat Aug 01 13:22:26 2015] [error] [client 151.33.46.250] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "torturo.com"] [uri "/xmlrpc.php"] [unique_id "Vb0OYUg0lZsAAHu7YI4AAAAO"] [Sat Aug 01 13:22:19 2015] [error] [client 176.31.107.29] ModSecurity: Access denied with code 500 (phase 2). Pattern match "revslider_show_image.*&img=.*(\\\\.php|\\\\.my.cnf|\\\\.bash|wp-config)" at QUERY_STRING. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "890"] [id "5000231"] [hostname "www.ieiac.org"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Vb0OW0g0lZsAAHuQVqwAAAAM"] [Sat Aug 01 13:22:04 2015] [error] [client 151.33.46.250] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.ieiac.org"] [uri "/xmlrpc.php"] [unique_id "Vb0OTEg0lZsAAHuQVqsAAAAM"] [Sat Aug 01 13:18:43 2015] [error] [client 189.13.215.188] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "torturo.com"] [uri "/xmlrpc.php"] [unique_id "Vb0Ngkg0lZsAAHmZ91QAAAAI"] [Sat Aug 01 13:18:21 2015] [error] [client 189.13.215.188] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.ieiac.org"] [uri "/xmlrpc.php"] [unique_id "Vb0NbUg0lZsAAHfWnPAAAAAF"] [Sat Aug 01 13:16:37 2015] [error] [client 196.207.97.62] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.efrainibarra.com"] [uri "/xmlrpc.php"] [unique_id "Vb0NBUg0lZsAAHRtbQEAAAAH"] [Sat Aug 01 13:16:23 2015] [error] [client 188.163.110.100] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "860"] [id "5000224"] [msg "Joomla login request blocked, no referer"] [hostname "departamentosenventacancun.com"] [uri "/administrator/index.php"] [unique_id "Vb0M90g0lZsAAHO8TVwAAAAN"] [Sat Aug 01 13:10:53 2015] [error] [client 89.143.131.131] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.efrainibarra.com"] [uri "/xmlrpc.php"] [unique_id "Vb0LrUg0lZsAAHO8TUQAAAAN"] [Sat Aug 01 13:08:37 2015] [error] [client 94.121.23.28] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.efrainibarra.com"] [uri "/xmlrpc.php"] [unique_id "Vb0LJUg0lZsAAGrtDzkAAAAF"] [Sat Aug 01 13:00:57 2015] [error] [client 78.0.26.11] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.efrainibarra.com"] [uri "/xmlrpc.php"] [unique_id "Vb0JWUg0lZsAAGPT5kkAAAAD"] [Sat Aug 01 12:48:54 2015] [error] [client 41.225.99.33] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "poetdeath.com"] [uri "/xmlrpc.php"] [unique_id "Vb0Ghkg0lZsAAGfmS28AAAAE"] [Sat Aug 01 12:48:41 2015] [error] [client 115.77.145.103] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.efrainibarra.com"] [uri "/xmlrpc.php"] [unique_id "Vb0GeUg0lZsAAGknnBIAAAAC"] [Sat Aug 01 12:36:41 2015] [error] [client 66.249.67.86] File does not exist: /usr/local/apache/htdocs/robots.txt [Sat Aug 01 12:34:33 2015] [error] [client 176.31.107.29] ModSecurity: Access denied with code 500 (phase 2). Pattern match "revslider_show_image.*&img=.*(\\\\.php|\\\\.my.cnf|\\\\.bash|wp-config)" at QUERY_STRING. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "890"] [id "5000231"] [hostname "www.ieiac.org"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Vb0DKUg0lZsAAFvjtNEAAAAB"] [Sat Aug 01 12:29:32 2015] [error] [client 189.13.215.188] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "torturo.com"] [uri "/xmlrpc.php"] [unique_id "Vb0B-Eg0lZsAAGPT5XQAAAAD"] [Sat Aug 01 12:29:12 2015] [error] [client 189.13.215.188] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.ieiac.org"] [uri "/xmlrpc.php"] [unique_id "Vb0B6Eg0lZsAAGK-oXUAAAAA"] [Sat Aug 01 12:29:07 2015] [error] [client 176.31.107.29] ModSecurity: Access denied with code 500 (phase 2). Pattern match "revslider_show_image.*&img=.*(\\\\.php|\\\\.my.cnf|\\\\.bash|wp-config)" at QUERY_STRING. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "890"] [id "5000231"] [hostname "www.ieiac.org"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Vb0B40g0lZsAAGHVX5IAAAAK"]
Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
- The topic ‘WP Injection’ is closed to new replies.