misa2016

Wow, i guess i over looked at that settings there!
Works now.
Thank you very much for your help!
Regards,
Misa

Info sent to your email.
And thank you for your initiative to integrate it with wp-bakery, looking forward to when is complete, so i can buy the pro edition or all the plugins pack that you have.
U can also integrate all plugins that you have too.
Thanks!

Yes!!! I works now! The warning went away and also in REMOTE_ADDR i see my real ip too.As for the file i have in the folder: /public_html/.htninja

I appreciate your fast responses and help!

Thank you friend.

(Left a review also for you)

• This reply was modified 7 years, 9 months ago by misa2016.
• This reply was modified 7 years, 9 months ago by misa2016.
• This reply was modified 7 years, 9 months ago by misa2016.

I see few ip blocks in firewall log:

02/Aug/18 23:13:54 #4153620 MEDIUM 306 162.158.155.64 POST /index.php – Bogus user-agent signature – [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] – ……(my domain name was here…)
03/Aug/18 17:27:18 #3947619 MEDIUM 306 162.158.178.233 POST /index.php – Bogus user-agent signature – [SERVER:HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)] – ….
04/Aug/18 11:43:03 #6267613 CRITICAL – 162.158.103.115 POST /index.php – BASE64-encoded injection – [POST:z0 = QGluaV9zZXQoImRpc3BsYXlfZXJyb3JzIiwiMCIpO0BzZXRfdGltZV9saW1pdCgwKTtAc2V0X21hZ2ljX3F1b3Rlc19ydW50aW1lKDApOyRucGF0aD0kX1NFUlZFUlsnRE9DVU1FTlRfUk9PVCddLkJhU0U2NF9kRWNPZEUoJF9HRVRbJ3o0J10pO2Z1bm…] – …..
04/Aug/18 11:43:07 #5948435 CRITICAL – 162.158.102.30 POST /index.php – Blocked file upload attempt – [sfn.php (107 bytes)] – …..
04/Aug/18 11:43:09 #3641471 CRITICAL – 162.158.102.246 POST /wp-admin/admin-ajax.php – Blocked file upload attempt – [sfn.php (107 bytes)] – …..
04/Aug/18 11:43:14 #8875386 CRITICAL – 162.158.102.30 POST /index.php – Blocked file upload attempt – [sfn.php (107 bytes)] – …..
04/Aug/18 11:43:17 #5610787 CRITICAL – 162.158.102.246 POST /index.php – Blocked file upload attempt – [sfn.php (107 bytes)] – ….
04/Aug/18 11:43:21 #8546129 CRITICAL – 162.158.103.13 POST /index.php – Blocked file upload attempt – [sfn.php (107 bytes)] – ….
04/Aug/18 11:43:23 #2975435 CRITICAL – 162.158.102.162 POST /index.php – Blocked file upload attempt – [sfn.php (107 bytes)] – ….
04/Aug/18 11:43:26 #7100653 CRITICAL – 162.158.102.162 POST /index.php – Blocked file upload attempt – [sfn.php (107 bytes)] – ….
04/Aug/18 11:43:29 #8407632 CRITICAL – 162.158.103.115 POST /index.php – Blocked file upload attempt – [sfn.php0x00.jpg (107 bytes)] -….
04/Aug/18 11:43:31 #4720366 CRITICAL – 162.158.102.174 POST /index.php – Blocked file upload attempt – [sfn.php (107 bytes)] – ….

Thanks for your help!.

• This reply was modified 7 years, 9 months ago by misa2016.

Thanks for reply.
I have read the article and added the file in /home/user/public_html/.htninja (file)
also edited the file with only

// Users of Incapsula CDN:
if (! empty($_SERVER[“HTTP_INCAP_CLIENT_IP”]) &&
filter_var($_SERVER[“HTTP_INCAP_CLIENT_IP”], FILTER_VALIDATE_IP) ) {
$_SERVER[“REMOTE_ADDR”] = $_SERVER[“HTTP_INCAP_CLIENT_IP”];
}

and i see the ip’s in the live log, but that warning still there
http://i63.tinypic.com/2059njs.jpg

Anyway,
Thanks for your advice.