[TueOct0820:14:01.1638872024][security2:error][pid550123:tid550153][client52.178.129.74:0][client52. ... show more[TueOct0820:14:01.1638872024][security2:error][pid550123:tid550153][client52.178.129.74:0][client52.178.129.74]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"wp-content/uploads/.\*\\\\\\\\.ph\(\?:p\|tml\|t\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf\"][line\"5056\"][id\"382238\"][rev\"2\"][msg\"Atomicorp.comWAFRules-VirtualJustInTimePatch:PHPfileexecutioninuploadsdirectorydenied\"][data\"wp-content/uploads/cache.php\"][severity\"CRITICAL\"][hostname\"ristrutturazione-case.ch\"][uri\"/wp-content/uploads/cache.php\"][unique_id\"ZwV2acOY9WJ0Zot8B-Wj0wAAAMI\"][TueOct0820:14:08.1059122024][security2:error][pid550123:tid550153][client52.178.129.74:0][client52.178.129.74]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"wp-content/uploads/.\*\\\\\\\\.ph\(\?:p\|tml\|t\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf\"][line\"5056\"][id\"382238\"][rev\"2\"][msg\"Atomicorp.comWAFRules-VirtualJustInTimePatch:PHPfileexecutioninuploads show less
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 23:31:28.282062 2024] [security2:error] [pid 9852:tid 9852] [client 52.178.129.74:5923] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "buddhas.net"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv4QELRK6g_DovR8_qMKSQAAABc"] show less
Brute-ForceBad Web BotWeb App Attack
Anonymous
Bot / scanning and/or hacking attempts: GET /.well-known/makeasmtp.php HTTP/1.1, GET /.well-known/fi ... show moreBot / scanning and/or hacking attempts: GET /.well-known/makeasmtp.php HTTP/1.1, GET /.well-known/file.php HTTP/1.1, GET /radio.php HTTP/1.1, GET /wp-admin/404.php HTTP/1.1, GET /wp-content/themes/index.php HTTP/1.1, GET /wp-includes/wp-login.php HTTP/1.1, GET /file.php HTTP/1.1, GET /wp-trackback.php HTTP/1.1, GET /cgi-bin/index.php HTTP/1.1, GET /cgi-bin/file.php HTTP/1.1, GET /wp-admin/themes.php HTTP/1.1, GET /wp-includes/index.php HTTP/1.1, GET /.well-known/acme-challenge/makeasmtp.php HTTP/1.1, GET /.well-known/acme-challenge/admin.php HTTP/1.1, GET /wp-includes/themes.php HTTP/1.1, GET /wp-includes/admin.php HTTP/1.1, GET /.well-known/wp-load.php HTTP/1.1, GET /wp-content/file.php HTTP/1.1, GET /.well-known/index.php HTTP/1.1, GET /wp-includes/SimplePie/wp-login.php HTTP/1.1, GET /wp-includes/system_log.php?p= HTTP/1.1, GET /.well-known/cloud.php HTTP/1.1, GET /.well-known/acme-challenge/autoload_classmap.php HTTP/1.1 show less