This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
E-Mail / I am receiving a lot of spam emails in all of my accounts,
« on: December 05, 2019, 08:32:11 AM »
I am receiving a lot of spam emails, how can I reduce the email load by marking them as spam? I see this module SpamExperts but i do not know who can i configute and activate it Can someone help me?
2
CentOS 7 Problems / error with php extensions
« on: November 25, 2019, 07:09:58 PM »
Hi i have thos problem in my server
[Mon Nov 25 18:54:39.455701 2019] [:error] [pid 1734:tid 140300425041664] [client 84.77.158.222:41640] PHP Warning: PHP Startup: Unable to load dynamic library 'intl' (tried: /usr/local/lib/php/extensions/no-debug-non-zts-20180731/intl (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/intl: cannot open shared object file: No such file or directory), /usr/local/lib/php/extensions/no-debug-non-zts-20180731/intl.so (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/intl.so: cannot open shared object file: No such file or directory)) in Unknown on line 0, referer: http://domain.es/soporte/open.php
[Mon Nov 25 18:54:39.456041 2019] [:error] [pid 1734:tid 140300425041664] [client 84.77.158.222:41640] PHP Warning: PHP Startup: Unable to load dynamic library 'imap' (tried: /usr/local/lib/php/extensions/no-debug-non-zts-20180731/imap (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/imap: cannot open shared object file: No such file or directory), /usr/local/lib/php/extensions/no-debug-non-zts-20180731/imap.so (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/imap.so: cannot open shared object file: No such file or directory)) in Unknown on line 0, referer: http://domain.es/soporte/open.php
[Mon Nov 25 18:54:39.456386 2019] [:error] [pid 1734:tid 140300425041664] [client 84.77.158.222:41640] PHP Warning: PHP Startup: Unable to load dynamic library 'ldap' (tried: /usr/local/lib/php/extensions/no-debug-non-zts-20180731/ldap (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/ldap: cannot open shared object file: No such file or directory), /usr/local/lib/php/extensions/no-debug-non-zts-20180731/ldap.so (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/ldap.so: cannot open shared object file: No such file or directory)) in Unknown on line 0, referer: http://domain.es/soporte/open.php
[Mon Nov 25 18:54:39.456707 2019] [:error] [pid 1734:tid 140300425041664] [client 84.77.158.222:41640] PHP Warning: PHP Startup: Unable to load dynamic library 'soap' (tried: /usr/local/lib/php/extensions/no-debug-non-zts-20180731/soap (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/soap: cannot open shared object file: No such file or directory), /usr/local/lib/php/extensions/no-debug-non-zts-20180731/soap.so (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/soap.so: cannot open shared object file: No such file or directory)) in Unknown on line 0, referer: http://domain.es/soporte/open.php
I do not know what are be happend?
[Mon Nov 25 18:54:39.455701 2019] [:error] [pid 1734:tid 140300425041664] [client 84.77.158.222:41640] PHP Warning: PHP Startup: Unable to load dynamic library 'intl' (tried: /usr/local/lib/php/extensions/no-debug-non-zts-20180731/intl (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/intl: cannot open shared object file: No such file or directory), /usr/local/lib/php/extensions/no-debug-non-zts-20180731/intl.so (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/intl.so: cannot open shared object file: No such file or directory)) in Unknown on line 0, referer: http://domain.es/soporte/open.php
[Mon Nov 25 18:54:39.456041 2019] [:error] [pid 1734:tid 140300425041664] [client 84.77.158.222:41640] PHP Warning: PHP Startup: Unable to load dynamic library 'imap' (tried: /usr/local/lib/php/extensions/no-debug-non-zts-20180731/imap (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/imap: cannot open shared object file: No such file or directory), /usr/local/lib/php/extensions/no-debug-non-zts-20180731/imap.so (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/imap.so: cannot open shared object file: No such file or directory)) in Unknown on line 0, referer: http://domain.es/soporte/open.php
[Mon Nov 25 18:54:39.456386 2019] [:error] [pid 1734:tid 140300425041664] [client 84.77.158.222:41640] PHP Warning: PHP Startup: Unable to load dynamic library 'ldap' (tried: /usr/local/lib/php/extensions/no-debug-non-zts-20180731/ldap (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/ldap: cannot open shared object file: No such file or directory), /usr/local/lib/php/extensions/no-debug-non-zts-20180731/ldap.so (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/ldap.so: cannot open shared object file: No such file or directory)) in Unknown on line 0, referer: http://domain.es/soporte/open.php
[Mon Nov 25 18:54:39.456707 2019] [:error] [pid 1734:tid 140300425041664] [client 84.77.158.222:41640] PHP Warning: PHP Startup: Unable to load dynamic library 'soap' (tried: /usr/local/lib/php/extensions/no-debug-non-zts-20180731/soap (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/soap: cannot open shared object file: No such file or directory), /usr/local/lib/php/extensions/no-debug-non-zts-20180731/soap.so (/usr/local/lib/php/extensions/no-debug-non-zts-20180731/soap.so: cannot open shared object file: No such file or directory)) in Unknown on line 0, referer: http://domain.es/soporte/open.php
I do not know what are be happend?
3
Installation / Re: I need install FileSystemLock but i dont khow who can
« on: May 01, 2018, 07:15:19 PM »
Hi. Somepeople can help me for this question? Thanks
4
Installation / I need install FileSystemLock but i dont khow who can
« on: April 29, 2018, 04:47:38 PM »
Hi for all
Somebody help me? I need install FileSystemLock but i dont khow who can.
Please somebody help me? Thanks very much
Somebody help me? I need install FileSystemLock but i dont khow who can.
Please somebody help me? Thanks very much
5
CentOS 7 Problems / Re: Problem urgent, Is posible that my server was haked?
« on: April 26, 2018, 06:51:49 PM »
Hi thanks for you reply.
How can i install and use the FileSystemLock in my server? i search information for about it but i don't find any
Can you help me about that
How can i install and use the FileSystemLock in my server? i search information for about it but i don't find any
Can you help me about that
6
Mod_Security / Problem urgent, Is posible that my server was haked?
« on: April 26, 2018, 05:09:45 AM »
I see few days ago this message in my error_log in my server CEP7
[Mon Apr 23 23:02:37.761117 2018] [:error] [pid 31779:tid 139639427909376] [client 185.104.120.3:6393] File does not exist: /home/centoneg/public_html/xmlrpc.php
[Tue Apr 24 01:11:22.342871 2018] [:error] [pid 31478:tid 139639606437632] [client 185.45.75.155:47162] File does not exist: /home/bmatica1/public_html/wp-cron.php, referer: http://www.bmatica.es/wp-cron.php?doing_wp_cron=1524525089.5313839912414550781250
[Tue Apr 24 02:09:59.259062 2018] [:error] [pid 31779:tid 139639486658304] [client 192.241.124.50:51564] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:18:50.926564 2018] [:error] [pid 31477:tid 139639469872896] [client 193.202.110.25:51814] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:22:46.144902 2018] [:error] [pid 31479:tid 139639352375040] [client 213.212.60.223:56782] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:46:05.003932 2018] [:error] [pid 31478:tid 139639469872896] [client 52.47.168.171:7443] [client 52.47.168.171] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(keep-alive|close),\\\\s?(keep-alive|close)\\\\b" at REQUEST_HEADERS:Connection. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "447"] [id "958295"] [rev "2"] [msg "Multiple/Conflicting Connection Header Data Found."] [data "close, close"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "www.bmatica.es"] [uri "/ads.txt"] [unique_id "Wt5@TVeAxW0yjzB@yJ74TQAAAEo"]
[Tue Apr 24 02:48:48.261987 2018] [:error] [pid 31479:tid 139639486658304] [client 97.79.238.60:46750] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:58:50.672094 2018] [:error] [pid 31478:tid 139639453087488] [client 193.202.110.25:52392] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 03:08:54.998040 2018] [:error] [pid 31479:tid 139639461480192] [client 103.6.198.72:45390] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 03:36:38.318468 2018] [:error] [pid 31478:tid 139639511836416] [client 54.36.150.109:28494] File does not exist: /home/bmatica1/public_html/index.php
[Tue Apr 24 05:09:19.543569 2018] [:error] [pid 31478:tid 139639453087488] [client 66.111.57.21:59761] [client 66.111.57.21] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "31"] [id "960032"] [rev "2"] [msg "Method is not allowed by policy"] [data "TRACE"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/METHOD_NOT_ALLOWED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "OWASP_AppSensor/RE1"] [tag "PCI/12.1"] [hostname "www"] [uri "/"] [unique_id "Wt6f31eAxW0yjzB@yJ74dwAAAEw"]
[Tue Apr 24 06:05:18.774279 2018] [:error] [pid 31478:tid 139639511836416] [client 163.178.170.172:47634] [client 163.178.170.172] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\bhttp\\\\/(?:0\\\\.9|1\\\\.[01])|<(?:html|meta)\\\\b)" at ARGS:name[#markup]. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "136"] [id "950911"] [rev "2"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:name[#markup]: echo \\x22<title>hacked by h0d3_g4n</title><meta content=\\x22hacked by h0d3_g4n\\x22 name=\\x22description\\x22><meta content=\\x22hacked by h0d3_g4n\\x22 name=\\x22keywords\\x22><meta name=\\x22robots\\x22 content=\\x22index, follow\\x22><meta content=\\x22h0d3_g4n\\x22 name=\\x22author\\x22/><center><h2><img src=\\x22https://images4.alphacoders.com/215/215134.jpg\\x22 <width=\\x22300\\x22 height=\\x22300\\x22></h2><h1>hacked by h0d3_g4n</h1><br><h3>greetz: all member elec..."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [hostname "tramitel.net"] [uri "/"] [unique_id "Wt6s-leAxW0yjzB@yJ74rQAAAEU"]
[Tue Apr 24 07:15:06.522077 2018] [:error] [pid 31779:tid 139639411123968] [client 195.130.247.116:37600] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 07:20:38.854469 2018] [mpm_event:notice] [pid 31465:tid 139639799248768] AH00493: SIGUSR1 received. Doing graceful restart
What do you think has happened?
[Mon Apr 23 23:02:37.761117 2018] [:error] [pid 31779:tid 139639427909376] [client 185.104.120.3:6393] File does not exist: /home/centoneg/public_html/xmlrpc.php
[Tue Apr 24 01:11:22.342871 2018] [:error] [pid 31478:tid 139639606437632] [client 185.45.75.155:47162] File does not exist: /home/bmatica1/public_html/wp-cron.php, referer: http://www.bmatica.es/wp-cron.php?doing_wp_cron=1524525089.5313839912414550781250
[Tue Apr 24 02:09:59.259062 2018] [:error] [pid 31779:tid 139639486658304] [client 192.241.124.50:51564] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:18:50.926564 2018] [:error] [pid 31477:tid 139639469872896] [client 193.202.110.25:51814] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:22:46.144902 2018] [:error] [pid 31479:tid 139639352375040] [client 213.212.60.223:56782] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:46:05.003932 2018] [:error] [pid 31478:tid 139639469872896] [client 52.47.168.171:7443] [client 52.47.168.171] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(keep-alive|close),\\\\s?(keep-alive|close)\\\\b" at REQUEST_HEADERS:Connection. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "447"] [id "958295"] [rev "2"] [msg "Multiple/Conflicting Connection Header Data Found."] [data "close, close"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "www.bmatica.es"] [uri "/ads.txt"] [unique_id "Wt5@TVeAxW0yjzB@yJ74TQAAAEo"]
[Tue Apr 24 02:48:48.261987 2018] [:error] [pid 31479:tid 139639486658304] [client 97.79.238.60:46750] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:58:50.672094 2018] [:error] [pid 31478:tid 139639453087488] [client 193.202.110.25:52392] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 03:08:54.998040 2018] [:error] [pid 31479:tid 139639461480192] [client 103.6.198.72:45390] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 03:36:38.318468 2018] [:error] [pid 31478:tid 139639511836416] [client 54.36.150.109:28494] File does not exist: /home/bmatica1/public_html/index.php
[Tue Apr 24 05:09:19.543569 2018] [:error] [pid 31478:tid 139639453087488] [client 66.111.57.21:59761] [client 66.111.57.21] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "31"] [id "960032"] [rev "2"] [msg "Method is not allowed by policy"] [data "TRACE"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/METHOD_NOT_ALLOWED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "OWASP_AppSensor/RE1"] [tag "PCI/12.1"] [hostname "www"] [uri "/"] [unique_id "Wt6f31eAxW0yjzB@yJ74dwAAAEw"]
[Tue Apr 24 06:05:18.774279 2018] [:error] [pid 31478:tid 139639511836416] [client 163.178.170.172:47634] [client 163.178.170.172] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\bhttp\\\\/(?:0\\\\.9|1\\\\.[01])|<(?:html|meta)\\\\b)" at ARGS:name[#markup]. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "136"] [id "950911"] [rev "2"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:name[#markup]: echo \\x22<title>hacked by h0d3_g4n</title><meta content=\\x22hacked by h0d3_g4n\\x22 name=\\x22description\\x22><meta content=\\x22hacked by h0d3_g4n\\x22 name=\\x22keywords\\x22><meta name=\\x22robots\\x22 content=\\x22index, follow\\x22><meta content=\\x22h0d3_g4n\\x22 name=\\x22author\\x22/><center><h2><img src=\\x22https://images4.alphacoders.com/215/215134.jpg\\x22 <width=\\x22300\\x22 height=\\x22300\\x22></h2><h1>hacked by h0d3_g4n</h1><br><h3>greetz: all member elec..."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [hostname "tramitel.net"] [uri "/"] [unique_id "Wt6s-leAxW0yjzB@yJ74rQAAAEU"]
[Tue Apr 24 07:15:06.522077 2018] [:error] [pid 31779:tid 139639411123968] [client 195.130.247.116:37600] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 07:20:38.854469 2018] [mpm_event:notice] [pid 31465:tid 139639799248768] AH00493: SIGUSR1 received. Doing graceful restart
What do you think has happened?
7
CentOS 7 Problems / Problem urgent, Is posible that my server was haked?
« on: April 25, 2018, 07:20:42 PM »
I see few days ago this message in my error_log in my server CEP7
[Mon Apr 23 23:02:37.761117 2018] [:error] [pid 31779:tid 139639427909376] [client 185.104.120.3:6393] File does not exist: /home/centoneg/public_html/xmlrpc.php
[Tue Apr 24 01:11:22.342871 2018] [:error] [pid 31478:tid 139639606437632] [client 185.45.75.155:47162] File does not exist: /home/bmatica1/public_html/wp-cron.php, referer: http://www.bmatica.es/wp-cron.php?doing_wp_cron=1524525089.5313839912414550781250
[Tue Apr 24 02:09:59.259062 2018] [:error] [pid 31779:tid 139639486658304] [client 192.241.124.50:51564] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:18:50.926564 2018] [:error] [pid 31477:tid 139639469872896] [client 193.202.110.25:51814] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:22:46.144902 2018] [:error] [pid 31479:tid 139639352375040] [client 213.212.60.223:56782] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:46:05.003932 2018] [:error] [pid 31478:tid 139639469872896] [client 52.47.168.171:7443] [client 52.47.168.171] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(keep-alive|close),\\\\s?(keep-alive|close)\\\\b" at REQUEST_HEADERS:Connection. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "447"] [id "958295"] [rev "2"] [msg "Multiple/Conflicting Connection Header Data Found."] [data "close, close"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "www.bmatica.es"] [uri "/ads.txt"] [unique_id "Wt5@TVeAxW0yjzB@yJ74TQAAAEo"]
[Tue Apr 24 02:48:48.261987 2018] [:error] [pid 31479:tid 139639486658304] [client 97.79.238.60:46750] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:58:50.672094 2018] [:error] [pid 31478:tid 139639453087488] [client 193.202.110.25:52392] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 03:08:54.998040 2018] [:error] [pid 31479:tid 139639461480192] [client 103.6.198.72:45390] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 03:36:38.318468 2018] [:error] [pid 31478:tid 139639511836416] [client 54.36.150.109:28494] File does not exist: /home/bmatica1/public_html/index.php
[Tue Apr 24 05:09:19.543569 2018] [:error] [pid 31478:tid 139639453087488] [client 66.111.57.21:59761] [client 66.111.57.21] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "31"] [id "960032"] [rev "2"] [msg "Method is not allowed by policy"] [data "TRACE"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/METHOD_NOT_ALLOWED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "OWASP_AppSensor/RE1"] [tag "PCI/12.1"] [hostname "www"] [uri "/"] [unique_id "Wt6f31eAxW0yjzB@yJ74dwAAAEw"]
[Tue Apr 24 06:05:18.774279 2018] [:error] [pid 31478:tid 139639511836416] [client 163.178.170.172:47634] [client 163.178.170.172] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\bhttp\\\\/(?:0\\\\.9|1\\\\.[01])|<(?:html|meta)\\\\b)" at ARGS:name[#markup]. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "136"] [id "950911"] [rev "2"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:name[#markup]: echo \\x22<title>hacked by h0d3_g4n</title><meta content=\\x22hacked by h0d3_g4n\\x22 name=\\x22description\\x22><meta content=\\x22hacked by h0d3_g4n\\x22 name=\\x22keywords\\x22><meta name=\\x22robots\\x22 content=\\x22index, follow\\x22><meta content=\\x22h0d3_g4n\\x22 name=\\x22author\\x22/><center><h2><img src=\\x22https://images4.alphacoders.com/215/215134.jpg\\x22 <width=\\x22300\\x22 height=\\x22300\\x22></h2><h1>hacked by h0d3_g4n</h1><br><h3>greetz: all member elec..."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [hostname "tramitel.net"] [uri "/"] [unique_id "Wt6s-leAxW0yjzB@yJ74rQAAAEU"]
[Tue Apr 24 07:15:06.522077 2018] [:error] [pid 31779:tid 139639411123968] [client 195.130.247.116:37600] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 07:20:38.854469 2018] [mpm_event:notice] [pid 31465:tid 139639799248768] AH00493: SIGUSR1 received. Doing graceful restart
What do you think has happened?
[Mon Apr 23 23:02:37.761117 2018] [:error] [pid 31779:tid 139639427909376] [client 185.104.120.3:6393] File does not exist: /home/centoneg/public_html/xmlrpc.php
[Tue Apr 24 01:11:22.342871 2018] [:error] [pid 31478:tid 139639606437632] [client 185.45.75.155:47162] File does not exist: /home/bmatica1/public_html/wp-cron.php, referer: http://www.bmatica.es/wp-cron.php?doing_wp_cron=1524525089.5313839912414550781250
[Tue Apr 24 02:09:59.259062 2018] [:error] [pid 31779:tid 139639486658304] [client 192.241.124.50:51564] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:18:50.926564 2018] [:error] [pid 31477:tid 139639469872896] [client 193.202.110.25:51814] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:22:46.144902 2018] [:error] [pid 31479:tid 139639352375040] [client 213.212.60.223:56782] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:46:05.003932 2018] [:error] [pid 31478:tid 139639469872896] [client 52.47.168.171:7443] [client 52.47.168.171] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(keep-alive|close),\\\\s?(keep-alive|close)\\\\b" at REQUEST_HEADERS:Connection. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "447"] [id "958295"] [rev "2"] [msg "Multiple/Conflicting Connection Header Data Found."] [data "close, close"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "www.bmatica.es"] [uri "/ads.txt"] [unique_id "Wt5@TVeAxW0yjzB@yJ74TQAAAEo"]
[Tue Apr 24 02:48:48.261987 2018] [:error] [pid 31479:tid 139639486658304] [client 97.79.238.60:46750] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 02:58:50.672094 2018] [:error] [pid 31478:tid 139639453087488] [client 193.202.110.25:52392] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 03:08:54.998040 2018] [:error] [pid 31479:tid 139639461480192] [client 103.6.198.72:45390] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 03:36:38.318468 2018] [:error] [pid 31478:tid 139639511836416] [client 54.36.150.109:28494] File does not exist: /home/bmatica1/public_html/index.php
[Tue Apr 24 05:09:19.543569 2018] [:error] [pid 31478:tid 139639453087488] [client 66.111.57.21:59761] [client 66.111.57.21] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "31"] [id "960032"] [rev "2"] [msg "Method is not allowed by policy"] [data "TRACE"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/METHOD_NOT_ALLOWED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "OWASP_AppSensor/RE1"] [tag "PCI/12.1"] [hostname "www"] [uri "/"] [unique_id "Wt6f31eAxW0yjzB@yJ74dwAAAEw"]
[Tue Apr 24 06:05:18.774279 2018] [:error] [pid 31478:tid 139639511836416] [client 163.178.170.172:47634] [client 163.178.170.172] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\bhttp\\\\/(?:0\\\\.9|1\\\\.[01])|<(?:html|meta)\\\\b)" at ARGS:name[#markup]. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "136"] [id "950911"] [rev "2"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:name[#markup]: echo \\x22<title>hacked by h0d3_g4n</title><meta content=\\x22hacked by h0d3_g4n\\x22 name=\\x22description\\x22><meta content=\\x22hacked by h0d3_g4n\\x22 name=\\x22keywords\\x22><meta name=\\x22robots\\x22 content=\\x22index, follow\\x22><meta content=\\x22h0d3_g4n\\x22 name=\\x22author\\x22/><center><h2><img src=\\x22https://images4.alphacoders.com/215/215134.jpg\\x22 <width=\\x22300\\x22 height=\\x22300\\x22></h2><h1>hacked by h0d3_g4n</h1><br><h3>greetz: all member elec..."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [hostname "tramitel.net"] [uri "/"] [unique_id "Wt6s-leAxW0yjzB@yJ74rQAAAEU"]
[Tue Apr 24 07:15:06.522077 2018] [:error] [pid 31779:tid 139639411123968] [client 195.130.247.116:37600] File does not exist: /usr/local/apache/htdocs/xmlrpc.php
[Tue Apr 24 07:20:38.854469 2018] [mpm_event:notice] [pid 31465:tid 139639799248768] AH00493: SIGUSR1 received. Doing graceful restart
What do you think has happened?
8
Postfix / I have problem with server email, i can't send and recibe email
« on: April 20, 2018, 06:05:18 AM »
Hi everyone
I have a seriusly problem, i recent mount a server web with cwp7, and i can not send and recibe emails in the created domains, I do not know what happend.
When i send email, the email stays in the queue and say me (delivery temporarily suspended:connect to mail.xxxx.net[ip.ip.ip.ip]:25 Connection refused) email addressee
And when i send one mail to the email in to my server, from for example an account of yahoo.com, i recibe mail delivery error
Recipient address rejected: User unknown in local recipient table
What's happend?, Can somebody help me?
I have a seriusly problem, i recent mount a server web with cwp7, and i can not send and recibe emails in the created domains, I do not know what happend.
When i send email, the email stays in the queue and say me (delivery temporarily suspended:connect to mail.xxxx.net[ip.ip.ip.ip]:25 Connection refused) email addressee
And when i send one mail to the email in to my server, from for example an account of yahoo.com, i recibe mail delivery error
Recipient address rejected: User unknown in local recipient table
What's happend?, Can somebody help me?
9
E-Mail / problem with email server, i don't send and recibe emails, i have some errors
« on: April 19, 2018, 07:26:36 PM »
Hi everyone
I have a seriusly problem, i recent mount a server web with cwp7, and i can not send and recibe emails in the created domains, I do not know what happend.
When i send email, the email stays in the queue and say me (delivery temporarily suspended:connect to mail.xxxx.net[ip.ip.ip.ip]:25 Connection refused) email addressee
And when i send one mail to the email in to my server, from for example an account of yahoo.com, i recibe mail delivery error
Recipient address rejected: User unknown in local recipient table
What's happend?, Can somebody help me?
I have a seriusly problem, i recent mount a server web with cwp7, and i can not send and recibe emails in the created domains, I do not know what happend.
When i send email, the email stays in the queue and say me (delivery temporarily suspended:connect to mail.xxxx.net[ip.ip.ip.ip]:25 Connection refused) email addressee
And when i send one mail to the email in to my server, from for example an account of yahoo.com, i recibe mail delivery error
Recipient address rejected: User unknown in local recipient table
What's happend?, Can somebody help me?
Pages: [1]