Support » Fixing WordPress » WP Injection

  • Resolved t0rtur0

    (@t0rtur0)


    hello… i have to tell yoi i am havin problems with some domains who has WP on it… i put in here what my email says…
    YOU WILL CAN MAYBE HELP…

    [Sat Aug 01 13:38:38 2015] [notice] Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 configured -- resuming normal operations
    [Sat Aug 01 13:36:41 2015] [notice] Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 configured -- resuming normal operations
    [Sat Aug 01 13:22:26 2015] [error] [client 151.33.46.250] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "torturo.com"] [uri "/xmlrpc.php"] [unique_id "Vb0OYUg0lZsAAHu7YI4AAAAO"]
    [Sat Aug 01 13:22:19 2015] [error] [client 176.31.107.29] ModSecurity: Access denied with code 500 (phase 2). Pattern match "revslider_show_image.*&img=.*(\\\\.php|\\\\.my.cnf|\\\\.bash|wp-config)" at QUERY_STRING. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "890"] [id "5000231"] [hostname "www.ieiac.org"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Vb0OW0g0lZsAAHuQVqwAAAAM"]
    [Sat Aug 01 13:22:04 2015] [error] [client 151.33.46.250] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.ieiac.org"] [uri "/xmlrpc.php"] [unique_id "Vb0OTEg0lZsAAHuQVqsAAAAM"]
    [Sat Aug 01 13:18:43 2015] [error] [client 189.13.215.188] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "torturo.com"] [uri "/xmlrpc.php"] [unique_id "Vb0Ngkg0lZsAAHmZ91QAAAAI"]
    [Sat Aug 01 13:18:21 2015] [error] [client 189.13.215.188] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.ieiac.org"] [uri "/xmlrpc.php"] [unique_id "Vb0NbUg0lZsAAHfWnPAAAAAF"]
    [Sat Aug 01 13:16:37 2015] [error] [client 196.207.97.62] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.efrainibarra.com"] [uri "/xmlrpc.php"] [unique_id "Vb0NBUg0lZsAAHRtbQEAAAAH"]
    [Sat Aug 01 13:16:23 2015] [error] [client 188.163.110.100] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "860"] [id "5000224"] [msg "Joomla login request blocked, no referer"] [hostname "departamentosenventacancun.com"] [uri "/administrator/index.php"] [unique_id "Vb0M90g0lZsAAHO8TVwAAAAN"]
    [Sat Aug 01 13:10:53 2015] [error] [client 89.143.131.131] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.efrainibarra.com"] [uri "/xmlrpc.php"] [unique_id "Vb0LrUg0lZsAAHO8TUQAAAAN"]
    [Sat Aug 01 13:08:37 2015] [error] [client 94.121.23.28] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.efrainibarra.com"] [uri "/xmlrpc.php"] [unique_id "Vb0LJUg0lZsAAGrtDzkAAAAF"]
    [Sat Aug 01 13:00:57 2015] [error] [client 78.0.26.11] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.efrainibarra.com"] [uri "/xmlrpc.php"] [unique_id "Vb0JWUg0lZsAAGPT5kkAAAAD"]
    [Sat Aug 01 12:48:54 2015] [error] [client 41.225.99.33] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "poetdeath.com"] [uri "/xmlrpc.php"] [unique_id "Vb0Ghkg0lZsAAGfmS28AAAAE"]
    [Sat Aug 01 12:48:41 2015] [error] [client 115.77.145.103] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.efrainibarra.com"] [uri "/xmlrpc.php"] [unique_id "Vb0GeUg0lZsAAGknnBIAAAAC"]
    [Sat Aug 01 12:36:41 2015] [error] [client 66.249.67.86] File does not exist: /usr/local/apache/htdocs/robots.txt
    [Sat Aug 01 12:34:33 2015] [error] [client 176.31.107.29] ModSecurity: Access denied with code 500 (phase 2). Pattern match "revslider_show_image.*&img=.*(\\\\.php|\\\\.my.cnf|\\\\.bash|wp-config)" at QUERY_STRING. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "890"] [id "5000231"] [hostname "www.ieiac.org"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Vb0DKUg0lZsAAFvjtNEAAAAB"]
    [Sat Aug 01 12:29:32 2015] [error] [client 189.13.215.188] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "torturo.com"] [uri "/xmlrpc.php"] [unique_id "Vb0B-Eg0lZsAAGPT5XQAAAAD"]
    [Sat Aug 01 12:29:12 2015] [error] [client 189.13.215.188] ModSecurity: Access denied with code 411 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "877"] [id "5000228"] [msg "xmlrpc DoS attempt"] [hostname "www.ieiac.org"] [uri "/xmlrpc.php"] [unique_id "Vb0B6Eg0lZsAAGK-oXUAAAAA"]
    [Sat Aug 01 12:29:07 2015] [error] [client 176.31.107.29] ModSecurity: Access denied with code 500 (phase 2). Pattern match "revslider_show_image.*&img=.*(\\\\.php|\\\\.my.cnf|\\\\.bash|wp-config)" at QUERY_STRING. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "890"] [id "5000231"] [hostname "www.ieiac.org"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Vb0B40g0lZsAAGHVX5IAAAAK"]
Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘WP Injection’ is closed to new replies.