(mod_security) mod_security (id:210492) triggered by 20.22.73.99 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 20.22.73.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 00:38:54.232680 2024] [security2:error] [pid 29342:tid 29342] [client 20.22.73.99:56585] [client 20.22.73.99] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hollywooddrummers.com"] [uri "/wp-config.php~"] [unique_id "ZzQ7bvmHk7GLx-2_5XGRxAAAAAc"] show less
Brute-ForceBad Web BotWeb App Attack
Anonymous
Bot / scanning and/or hacking attempts: GET /wp-config.php_bckk HTTP/1.1, GET /wp-config.php_old HTT ... show moreBot / scanning and/or hacking attempts: GET /wp-config.php_bckk HTTP/1.1, GET /wp-config.php_old HTTP/1.1, GET /wp-cli.phar HTTP/1.1, GET /wp-config.php.bin HTTP/1.1, GET /wp-config.php.old HTTP/1.1, GET /wp-config.php-s HTTP/1.1, GET / HTTP/1.1, GET /wp-config.hph HTTP/1.1, GET /wp-config.php~ HTTP/1.1, GET /wp-config.php.bak HTTP/1.1, GET /wp-config.php_bak HTTP/1.1 show less
[WedNov1301:04:47.4312682024][security2:error][pid928212:tid928253][client20.22.73.99:0][client20.22 ... show more[WedNov1301:04:47.4312682024][security2:error][pid928212:tid928253][client20.22.73.99:0][client20.22.73.99]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"[a-z0-9]~\$\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1158\"][id\"390581\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-DataLeakage-attempttoaccessbackupfile\(disablethisruleifyourequireaccesstofilesthatendwithatilde\)\"][severity\"CRITICAL\"][hostname\"giftech.ch\"][uri\"/wp-config.php~\"][unique_id\"ZzPtHwwBKphYmZ1ETYm_IwAAAEs\"][WedNov1301:04:48.7451892024][security2:error][pid928309:tid928363][client20.22.73.99:0][client20.22.73.99]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"wp-config\\\\\\\\.php\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf\"][line\"3169\"][id\"381206\"][rev\"4\"][msg\"Atomicorp.comWAFRules-VirtualJustInTimePatch:AccesstoWordPressconfigurationfileblocked\"][data\"wp-config.php\"][severity\"CRITICAL\"][hostname\"giftech.ch\"][u show less
(mod_security) mod_security (id:210492) triggered by 20.22.73.99 (US/United States/Virginia/Boydton/ ... show more(mod_security) mod_security (id:210492) triggered by 20.22.73.99 (US/United States/Virginia/Boydton/-/[AS8075 MICROSOFT-CORP-MSN-AS-BLOCK]): 5 in the last 3600 secs (CF_ENABLE) show less
[TueNov1222:00:13.2628222024][security2:error][pid3119617:tid3119661][client20.22.73.99:0][client20. ... show more[TueNov1222:00:13.2628222024][security2:error][pid3119617:tid3119661][client20.22.73.99:0][client20.22.73.99]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"[a-z0-9]~\$\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1158\"][id\"390581\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-DataLeakage-attempttoaccessbackupfile\(disablethisruleifyourequireaccesstofilesthatendwithatilde\)\"][severity\"CRITICAL\"][hostname\"formadhoc.ch\"][uri\"/wp-config.php~\"][unique_id\"ZzPB3QRbr_EuD2OHIj_1mgAAARA\"][TueNov1222:00:14.2946522024][security2:error][pid3119617:tid3119661][client20.22.73.99:0][client20.22.73.99]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"[a-z0-9]~\$\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1158\"][id\"390581\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-DataLeakage-attempttoaccessbackupfile\(disablethisruleifyourequireaccesstofilesthatendwithatilde\)\"][severity\"CRITICAL\"][hos show less
Blog Spam
Anonymous
(mod_security) mod_security triggered on hostname [redacted] 20.22.73.99 (US/United States/-)