Plugin Author
AITpro
(@aitpro)
@mods – wow this one is fun. Check out the CSS/HTML throughout this thread page. LOL
Plugin Author
AITpro
(@aitpro)
@flyfisher842 – I am waiting to see what the Mods do about the triplicate posts before answering. The CSS/HTML of this thread post is all whacked out by your content. Awesome! LOL
Plugin Author
AITpro
(@aitpro)
Ok looks like the Mods wiped everything. Was like a bad acid trip there for a second. ha ha ha. Post only the security log entry and use the WP editor “code” button to wrap your Security Log entry in code tags/backticks.
@mods – thanks. 🙂
Plugin Author
AITpro
(@aitpro)
Hello,
Is there anybody in there?
Just nod if you can hear me.
Is there anyone at home?
Plugin Author
AITpro
(@aitpro)
And yeah if you didn’t already guess the reference to the Pink Floyd Comfortably Numb song….
Come on now
I hear you’re feeling down
Well, I can ease your pain
And get you on your feet again
Relax
I’ll need some information first
Just the basic facts
Can you show me where it hurts?
There is no pain, you are receding
A distant ship smoke on the horizon
You are only coming through in waves
Your lips move but I can’t hear what you’re saying
When I was a child I had a fever
My hands felt just like two balloons
Now I’ve got that feeling once again
I can’t explain, you would not understand
This is not how I am
I have become comfortably numb
I have become comfortably numb
O.K.
Just a little pin prick
There’ll be no more aaaaaaaah!
But you may feel a little sick
Can you stand up?
I do believe it’s working, good
That’ll keep you going through the show
Come on, it’s time to go.
There is no pain you are receding
A distant ship smoke on the horizon
You are only coming through in waves
Your lips move but I can’t hear what you’re saying
When I was a child
I caught a fleeting glimpse
Out of the corner of my eye
I turned to look but it was gone
I cannot put my finger on it now
The child is grown
The dream is gone
I have become comfortably numb.
[403 POST Request: October 19, 2015 - 1:41 pm]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 46.20.12.30
Host Name: host-46-20-12-30.ttnetdc.com
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /xmlrpc.php
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.24 (KHTML, like Gecko) Ubuntu/10.10 Chromium/12.0.703.0 Chrome/12.0.703.0 Safari/534.24
I this what you wanted? I can post the rest to the pastebin after I get signed up.
Plugin Author
AITpro
(@aitpro)
Yep that works. Looks like a typical blocked XML-RPC log entry. These old GET log entries are kind of boring now. Check out this new Bonus Custom Code and you will see some more interesting blocked attacks: http://forum.ait-pro.com/forums/topic/post-request-protection-post-attack-protection-post-request-blocker/.
With the new Security Log Limit POST Request Body Data option and this Bonus Custom Code in the link above you can literally capture entire hacker scripts if you are into that thing.
Plugin Author
AITpro
(@aitpro)
Assuming all questions have been answered – thread has been resolved. If the issue/problem is not resolved or you have additional questions about this specific thread topic then you can post them at any time. We still receive email notifications when threads have been resolved.
Thread Start Date: 10-18-2015 to 10-19-2015
Thread Resolved/Current Date: 10-23-2015