[WedOct0619:10:31.9415042021][:error][pid1183:tid47706257221376][client8.21.8.228:61905][client8.21. ... show more[WedOct0619:10:31.9415042021][:error][pid1183:tid47706257221376][client8.21.8.228:61905][client8.21.8.228]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:wp-config\|\\\\\\\\../\\\\\\\\..\)\"atARGS:file.[file\"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf\"][line\"526\"][id\"323769\"][rev\"1\"][msg\"Atomicorp.comWAFRules-VirtualJustInTimePatch:wp-configfiledownloadattackviaduplicatorpluginblocked\"][severity\"CRITICAL\"][hostname\"pepperdreams.ch\"][uri\"/wp-admin/admin-ajax.php\"][unique_id\"YV3YhwC1bmcOovu6IFCXogAAABg\"][WedOct0619:10:32.9659652021][:error][pid1082:tid47706225702656][client8.21.8.228:62062][client8.21.8.228]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:wp-config\|\\\\\\\\../\\\\\\\\..\)\"atARGS:file.[file\"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf\"][line\"526\"][id\"323769\"][rev\"1\"][msg\"Atomicorp.comWAFRules-VirtualJustInTimePatch:wp-configfiledownloadattackviaduplicatorpluginblocked\"][severity\"CRITICAL\"][hostname\"www.pepperdreams.ch\" show less
Port ScanBrute-ForceWeb App Attack
Anonymous
[06/Oct/2021:17:16:17 +0200] YV29wW-AYb-LXU0RHf@FugAAAAQ 8.21.8.228 50932 5.35.240.186 443
06/ ... show more[06/Oct/2021:17:16:17 +0200] YV29wW-AYb-LXU0RHf@FugAAAAQ 8.21.8.228 50932 5.35.240.186 443
06/Oct/2021:17:16:17 +0200Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 8.21.8.228] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\\\\\.\\\\\\\\./\\\\\\\\.\\\\\\\\./" at ARGS:mla_download_file. [file "/etc/apache2/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "39"] [id "33340006"] [rev "68"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: Generic Path Recursion denied in URI/ARGS"] [data "../../,ARGS:mla_download_file"] [severity "CRITICAL"] [hostname "www.particular-sound.de"] [uri "/wp-content/plugins/media-library-assistant/includes/mla-file-downloader.php"] [unique_id "YV29wW-AYb-LXU0RHf@FugAAAAQ"]
... show less
Brute Force Scanning /wp-content/plugins/media-library-assistant/includes/mla-file-downloader.php, / ... show moreBrute Force Scanning /wp-content/plugins/media-library-assistant/includes/mla-file-downloader.php, /wp-admin/admin-ajax.php?action=duplicator_download&file= show less
HackingBrute-ForceWeb App Attack
Anonymous
Blocked by firewall for Directory Traversal - wp-config.php in query string: img=..%2Fwp-config.php ... show moreBlocked by firewall for Directory Traversal - wp-config.php in query string: img=..%2Fwp-config.php at http://****/wp-admin/admin-ajax.php?action=revslider_show_image&img=..%2Fwp-config.php
05/10/2021 07:37:43 (1 hour 30 mins ago)
IP: 8.21.8.228 Hostname: 8.21.8.228
Human/Bot: Human
Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 show less
(mod_security) mod_security (id:949110) triggered by 8.21.8.228 (NL/Netherlands/-): 5 in the last 14 ... show more(mod_security) mod_security (id:949110) triggered by 8.21.8.228 (NL/Netherlands/-): 5 in the last 14400 secs; ID: rub show less