Linux-Noob Forums Linux Server Administration LAMP v
more apache/php

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Linear Mode
more apache/php
inittux Offline
Moderator
*****
Posts: 675
Threads: 107
Joined: Apr 2010
Reputation: 0
#53
2011-12-14, 10:17 PM



Code:
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111211/20111211-0519/20111211-051943-TuQvXz7UQg8AABLQSoYAAAAE] (null)
[modsecurity] [client 75.146.88.220] [domain feedmebits.nl] [400] [/20111211/20111211-0829/20111211-082944-TuRb6D7UQg8AABLTUYoAAAAH] (null)
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111211/20111211-1244/20111211-124434-TuSXoj7UQg8AABPsRtgAAAAP] (null)
[modsecurity] [client 88.46.75.27] [domain feedmebits.nl] [400] [/20111211/20111211-1527/20111211-152723-TuS9yz7UQg8AABLMQSgAAAAA] (null)
[modsecurity] [client 212.68.63.135] [domain feedmebits.nl] [400] [/20111211/20111211-1842/20111211-184226-TuTrgj7UQg8AABLQSo4AAAAE] (null)
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111211/20111211-2035/20111211-203545-TuUGET7UQg8AABLNQ4IAAAAB] (null)
[modsecurity] [client 88.46.75.27] [domain feedmebits.nl] [400] [/20111212/20111212-0226/20111212-022601-TuVYKT7UQg8AABLMQSoAAAAA] (null)
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111212/20111212-0400/20111212-040025-TuVuST7UQg8AABLTUZMAAAAH] (null)
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111212/20111212-1125/20111212-112536-TuXWoD7UQg8AABPsRuAAAAAP] (null)
[modsecurity] [client 88.46.75.27] [domain feedmebits.nl] [400] [/20111212/20111212-1322/20111212-132252-TuXyHD7UQg8AABLMQTMAAAAA] (null)
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111212/20111212-1852/20111212-185229-TuY-XT7UQg8AABLST0gAAAAG] (null)
[modsecurity] [client 188.32.174.67] [domain feedmebits.nl] [400] [/20111212/20111212-1958/20111212-195833-TuZO2T7UQg8AABPlKsUAAAAI] (null)
[modsecurity] [client 109.73.175.3] [domain www.donniepinkston.net] [301] [/20111212/20111212-2317/20111212-231745-TuZ9iT7UQg8AABPtSrgAAAAQ]  [file "/etc/httpd/modsecurity.d/asl/modsec/10_asl_rules.conf"] [line "58"] [id "340361"] [rev "2"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules: CONNECT method denied"] [data "connect"] [severity "CRITICAL"] Access denied with code 403 (phase 1). Pattern match "connect" at REQUEST_METHOD.
[modsecurity] [client 109.73.175.3] [domain www.pr0.net] [301] [/20111212/20111212-2329/20111212-232907-TuaAMz7UQg8AABLNQ5IAAAAB]  [file "/etc/httpd/modsecurity.d/asl/modsec/10_asl_rules.conf"] [line "58"] [id "340361"] [rev "2"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules: CONNECT method denied"] [data "connect"] [severity "CRITICAL"] Access denied with code 403 (phase 1). Pattern match "connect" at REQUEST_METHOD.
[modsecurity] [client 88.46.75.27] [domain feedmebits.nl] [400] [/20111213/20111213-0022/20111213-002247-TuaMxz7UQg8AABPoNbEAAAAL] (null)
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111213/20111213-0216/20111213-021646-Tuanfj7UQg8AABPlKs0AAAAI] (null)
[modsecurity] [client 109.73.175.3] [domain www.donniepinkston.net] [301] [/20111213/20111213-0221/20111213-022141-TuaopT7UQg8AABLRTPwAAAAF]  [file "/etc/httpd/modsecurity.d/asl/modsec/10_asl_rules.conf"] [line "58"] [id "340361"] [rev "2"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules: CONNECT method denied"] [data "connect"] [severity "CRITICAL"] Access denied with code 403 (phase 1). Pattern match "connect" at REQUEST_METHOD.
[modsecurity] [client 62.149.171.68] [domain feedmebits.nl] [400] [/20111213/20111213-0409/20111213-040910-TubB1j7UQg8AABLST1EAAAAG] (null)
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111213/20111213-0941/20111213-094136-TucPwD7UQg8AABLMQT4AAAAA] (null)
[modsecurity] [client 88.46.75.27] [domain feedmebits.nl] [400] [/20111213/20111213-1113/20111213-111334-TuclTj7UQg8AABPtSsAAAAAQ] (null)
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111213/20111213-1704/20111213-170452-Tud3pD7UQg8AABPqPeQAAAAN] (null)
[modsecurity] [client 109.230.213.134] [domain feedmebits.nl] [400] [/20111213/20111213-2122/20111213-212236-Tue0DD7UQg8AABLORfcAAAAC] (null)
[modsecurity] [client 88.46.75.27] [domain feedmebits.nl] [400] [/20111213/20111213-2209/20111213-220943-Tue-Fz7UQg8AABPrRJwAAAAO] (null)
[modsecurity] [client 109.230.213.134] [domain feedmebits.nl] [400] [/20111213/20111213-2236/20111213-223608-TufFSD7UQg8AABPrRJ8AAAAO] (null)
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111214/20111214-0028/20111214-002848-TuffsD7UQg8AABPqPesAAAAN] (null)
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111214/20111214-0751/20111214-075142-TuhHfj7UQg8AABLQSrAAAAAE] (null)
[modsecurity] [client 88.46.75.27] [domain feedmebits.nl] [400] [/20111214/20111214-0859/20111214-085931-TuhXYz7UQg8AABLMQUoAAAAA] (null)
[modsecurity] [client 145.117.87.13] [domain feedmebits.nl] [200] [/20111214/20111214-1141/20111214-114138-Tuh9YT7UQg8AABLQSrIAAAAE] Pattern match "joomla.*administration login.*username and password do not match" at RESPONSE_BODY. [file "/etc/httpd/modsecurity.d/asl/modsec/12_asl_brute.conf"] [line "83"] [id "377304"] [rev "1"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules - Brute Force Attack Protection: Joomla Administration system Login Attempt Failure (Not Blocked)"] [severity "ERROR"]
[modsecurity] [client 145.117.87.13] [domain feedmebits.nl] [200] [/20111214/20111214-1141/20111214-114145-Tuh9aT7UQg8AABLNQ6QAAAAB] Pattern match "joomla.*administration login.*username and password do not match" at RESPONSE_BODY. [file "/etc/httpd/modsecurity.d/asl/modsec/12_asl_brute.conf"] [line "83"] [id "377304"] [rev "1"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules - Brute Force Attack Protection: Joomla Administration system Login Attempt Failure (Not Blocked)"] [severity "ERROR"]
[modsecurity] [client 145.117.87.13] [domain feedmebits.nl] [200] [/20111214/20111214-1141/20111214-114151-Tuh9bj7UQg8AABPoNcIAAAAL] Pattern match "joomla.*administration login.*username and password do not match" at RESPONSE_BODY. [file "/etc/httpd/modsecurity.d/asl/modsec/12_asl_brute.conf"] [line "83"] [id "377304"] [rev "1"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules - Brute Force Attack Protection: Joomla Administration system Login Attempt Failure (Not Blocked)"] [severity "ERROR"]
[modsecurity] [client 145.117.87.13] [domain feedmebits.nl] [200] [/20111214/20111214-1141/20111214-114156-Tuh9cz7UQg8AABLPSFQAAAAD] Pattern match "joomla.*administration login.*username and password do not match" at RESPONSE_BODY. [file "/etc/httpd/modsecurity.d/asl/modsec/12_asl_brute.conf"] [line "83"] [id "377304"] [rev "1"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules - Brute Force Attack Protection: Joomla Administration system Login Attempt Failure (Not Blocked)"] [severity "ERROR"]
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111214/20111214-1515/20111214-151521-TuiveT7UQg8AABLRTQwAAAAF] (null)
[modsecurity] [client 88.46.75.27] [domain feedmebits.nl] [400] [/20111214/20111214-1953/20111214-195325-TujwpT7UQg8AABPuTdYAAAAR] (null)
[modsecurity] [client 80.190.226.155] [domain feedmebits.nl] [400] [/20111214/20111214-2239/20111214-223911-TukXfz7UQg8AABLRTQ0AAAAF] (null)




Looks like it is working from those logs :)

 

fail2ban is still a challenge. But it's fun working on various projects at the same time. After I"m done with these small projects. I want to start my next big project.

Find
Reply


Messages In This Thread
more apache/php - by inittux - 2011-09-06, 06:25 AM
more apache/php - by Dungeon-Dave - 2011-09-07, 07:14 AM
more apache/php - by inittux - 2011-09-09, 06:17 AM
more apache/php - by inittux - 2011-09-10, 03:43 PM
more apache/php - by Dungeon-Dave - 2011-09-11, 01:40 PM
more apache/php - by inittux - 2011-09-11, 01:54 PM
more apache/php - by Dungeon-Dave - 2011-09-11, 03:49 PM
more apache/php - by inittux - 2011-09-11, 03:58 PM
more apache/php - by Dungeon-Dave - 2011-09-11, 05:12 PM
more apache/php - by inittux - 2011-09-12, 06:09 AM
more apache/php - by Dungeon-Dave - 2011-09-12, 12:30 PM
more apache/php - by inittux - 2011-09-13, 06:12 AM
more apache/php - by inittux - 2011-09-13, 08:47 AM
more apache/php - by Dungeon-Dave - 2011-09-13, 10:58 AM
more apache/php - by inittux - 2011-09-13, 11:43 AM
more apache/php - by inittux - 2011-09-14, 07:02 AM
more apache/php - by Dungeon-Dave - 2011-09-14, 10:49 AM
more apache/php - by inittux - 2011-09-14, 05:40 PM
more apache/php - by inittux - 2011-09-14, 07:27 PM
more apache/php - by Dungeon-Dave - 2011-09-14, 07:28 PM
more apache/php - by inittux - 2011-09-14, 07:33 PM
more apache/php - by inittux - 2011-09-15, 05:08 AM
more apache/php - by inittux - 2011-09-18, 06:40 PM
more apache/php - by Dungeon-Dave - 2011-09-19, 05:44 PM
more apache/php - by inittux - 2011-09-19, 05:50 PM
more apache/php - by inittux - 2011-09-20, 04:57 PM
more apache/php - by Dungeon-Dave - 2011-09-21, 07:42 PM
more apache/php - by inittux - 2011-09-22, 02:39 PM
more apache/php - by inittux - 2011-09-22, 05:12 PM
more apache/php - by inittux - 2011-10-06, 10:43 AM
more apache/php - by Dungeon-Dave - 2011-10-07, 02:21 PM
more apache/php - by inittux - 2011-10-08, 07:11 AM
more apache/php - by Dungeon-Dave - 2011-10-08, 01:00 PM
more apache/php - by inittux - 2011-10-08, 01:06 PM
more apache/php - by inittux - 2011-10-11, 07:42 AM
more apache/php - by Dungeon-Dave - 2011-10-11, 01:33 PM
more apache/php - by inittux - 2011-10-12, 10:34 AM
more apache/php - by Dungeon-Dave - 2011-10-13, 11:41 AM
more apache/php - by inittux - 2011-10-13, 11:46 AM
more apache/php - by Dungeon-Dave - 2011-10-13, 04:47 PM
more apache/php - by inittux - 2011-11-01, 03:11 PM
more apache/php - by inittux - 2011-11-28, 09:56 PM
more apache/php - by hybrid - 2011-11-29, 10:48 AM
more apache/php - by inittux - 2011-11-29, 11:17 AM
more apache/php - by hybrid - 2011-11-29, 11:21 AM
more apache/php - by inittux - 2011-11-29, 11:34 AM
more apache/php - by hybrid - 2011-11-29, 11:40 AM
more apache/php - by Dungeon-Dave - 2011-11-29, 02:43 PM
more apache/php - by inittux - 2011-11-29, 02:51 PM
more apache/php - by Dungeon-Dave - 2011-11-29, 03:14 PM
more apache/php - by inittux - 2011-12-14, 11:07 AM
more apache/php - by Dungeon-Dave - 2011-12-14, 10:06 PM
more apache/php - by inittux - 2011-12-14, 10:17 PM
more apache/php - by Dungeon-Dave - 2011-12-15, 01:58 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)