This isn’t an exploit. Abdull is a political figure in the middle east. So you all add his name to your mod_sec rules, no news about him can be served by your webservers. This is a clever trick, not meant to damage your sites, but get you to exclude the name.
Just make sure you block the IPs and not the string for these kinds of attack, and only after sufficient attempts.
I know it’s been a long time since this thread has been posted to, but if your want your Wordfence to be able to feed back information about attacks, which seems worthwhile, you could (or have your host add) the following line to the /etc/csf/csf.allow file.
tcp:out:d=9050:d=69.46.36.10 # Wordfence
We’ve done this at UnixGuru Hosting, as we alert customers if their blogs are attempting outgoing connections and at one stage had a lot of false alarms due to this.
Make sure you limit it to the IP above though, otherwise pot 9050 could also show that you are running a TOR relay, which would not be good if you were on shared hosting.
