Topic: csf email log alert

« on: July 18, 2023, 02:49:57 AM »
I don't mind getting these emails; I want them to contain more details. Any idea how I can customise these emails?

Time:     Tue Jul 18 02:34:16 2023 +0000
IP:       198.203.28.161 (US/United States/unknown-client.static.huge-dns.com)
Failures: 5 (mod_security)
Interval: 3600 seconds
Blocked:  Permanent Block [LF_MODSEC]

Log entries:

[Mon Jul 17 16:34:08.080734 2023] [:error] [pid 1724:tid 140585998436096] [client 198.203.28.161:45812] [client 198.203.28.161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "103.73.64.45"] [uri "/cp/.env"] [unique_id "ZLVtgA9n8o30vcqEthF7RwAAAZA"]
[Mon Jul 17 16:34:09.057036 2023] [:error] [pid 32691:tid 140586057185024] [client 198.203.28.161:45824] [client 198.203.28.161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "103.73.64.45"] [uri "/cp/.env"] [unique_id "ZLVtgfmiSv0cU56UwpPBhAAAAAk"]
[Mon Jul 17 16:34:10.363686 2023] [:error] [pid 25070:tid 140585964865280] [client 198.203.28.161:45826] [client 198.203.28.161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "103.73.64.45"] [uri "/app/.env"] [unique_id "ZLVtgv2Cw--TsK8Cw01cRwAAAVQ"]
[Mon Jul 17 16:34:11.667593 2023] [:error] [pid 25070:tid 140586006828800] [client 198.203.28.161:45852] [client 198.203.28.161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "103.73.64.45"] [uri "/app/.env"] [unique_id "ZLVtg_2Cw--TsK8Cw01cSAAAAU8"]
[Mon Jul 17 16:34:13.060849 2023] [:error] [pid 25070:tid 140585964865280] [client 198.203.28.161:45930] [client 198.203.28.161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "103.73.64.45"] [uri "/.env.old"] [unique_id "ZLVthf2Cw--TsK8Cw01cTQAAAVQ"]