(mod_security) mod_security (id:225170) triggered by 13.66.174.81 (-): 1 in the last 300 secs; Ports ...
show more(mod_security) mod_security (id:225170) triggered by 13.66.174.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 09:57:15.128448 2026] [security2:error] [pid 5519:tid 5519] [client 13.66.174.81:36798] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dandksupply.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dandksupply.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiq-u65mbquIjYkIgviqSwAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
(wordpress) Failed wordpress login from 13.66.174.81 (US/United States/-)
Brute-Force
Anonymous
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/2.0, GET / HTTP/2.0, GET /wp-json/wp/v ...
show moreBot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/2.0, GET / HTTP/2.0, GET /wp-json/wp/v2/users/ HTTP/2.0
show less
(wordpress) Failed wordpress login from 13.66.174.81 (US/United States/Washington/-/-/[redacted]): ...
show more(wordpress) Failed wordpress login from 13.66.174.81 (US/United States/Washington/-/-/[redacted]): (CF_ENABLE)
show less
[ThuJun1114:36:06.2889982026][security2:error][pid2014556:tid2014642][client13.66.174.81:0]ModSecuri ...
show more[ThuJun1114:36:06.2889982026][security2:error][pid2014556:tid2014642][client13.66.174.81:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"feldenkraisticino.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiqrtu8Ld5a5smZw3__qsQAAAMA\"]
show less