(mod_security) mod_security (id:210492) triggered by 80.78.27.66 (504e1b42.host.njalla.net): 1 in th ... show more(mod_security) mod_security (id:210492) triggered by 80.78.27.66 (504e1b42.host.njalla.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 11:14:19.258859 2024] [security2:error] [pid 1845:tid 1845] [client 80.78.27.66:50080] [client 80.78.27.66] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cnphilos.com"] [uri "/wp-config.php.in"] [unique_id "ZrYyS-JSNUgn26-kKAyw_AAAABg"] show less
Brute-ForceBad Web BotWeb App Attack
Anonymous
Bot / scanning and/or hacking attempts: GET /wp-config-backup1.txt HTTP/1.1, GET /wp-config HTTP/1.1 ... show moreBot / scanning and/or hacking attempts: GET /wp-config-backup1.txt HTTP/1.1, GET /wp-config HTTP/1.1, GET /wp-config.php~ HTTP/1.1, GET /wp-config.txt HTTP/1.1, GET /wp-config%20fix.txt HTTP/1.1, GET /wp-config.bak HTTP/1.1, GET /wp-config.phpOLD HTTP/1.1 show less
2024-08-04T12:14:08.576630+02:00 web wordpress(varhanykolin.cz)[387812]: Immediately block connectio ... show more2024-08-04T12:14:08.576630+02:00 web wordpress(varhanykolin.cz)[387812]: Immediately block connections from 80.78.27.66
... show less