This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
2
Information / what platform is used to manage the services "client area"
« on: April 15, 2024, 04:24:04 PM »
Hi,
what platform is used to manage the services "client area" from CWP, for a friend I ask...
Thanks in advance!
BR
Venty
what platform is used to manage the services "client area" from CWP, for a friend I ask...
Thanks in advance!
BR
Venty
3
Mod_Security / Re: test mod security..???
« on: March 28, 2024, 09:32:14 AM »Why does your URL show an appended SQL query?
Hi,
I don't know why there is such a request, I downloaded the logs, please see the answer below...
Thanks in advance!
BR
Venty
4
Mod_Security / Re: test mod security..???
« on: March 28, 2024, 09:28:42 AM »What did the logs show?
You should receive a Forbidden if it blocks an attack like it should, and the log should reflect that.
Also Comodo released ruleset version 1.241 that fixes the WooCommerce bug.
Hi,
when I click the test mod security button in the access log:
91.238.255.4 - - [28/Mar/2024:11:07:05 +0200] "GET /index.php?SELECT%20*%20FROM%20mysql.users HTTP/1.0" 403 199
in the error log :
[Thu Mar 28 11:07:05.172107 2024] [:error] [pid 60252:tid 139766892787456] [client 91.238.255.4:54650] [client 91.238.255.4] ModSecurity: Access denied with code 403 (phase 2). Match of "contains /wp-json/yoast/" against "REQUEST_URI" required. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "17"] [id "211540"] [rev "14"] [msg "COMODO WAF: Blind SQL Injection Attack||43.105.247.29|F|2"] [data "Matched Data: SELECT * FROM mysql.users found within REQUEST_URI: /index.php?SELECT%20*%20FROM%20mysql.users"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "43.105.247.29"] [uri "/index.php"] [unique_id "ZgUzOSQ7YW9-nwQzwPEtQwAAANA"], referer: https://hosting.ven.com:2031/
Mail message:
Time: Thu Mar 28 11:15:49 2024 +0200
IP: 91.238.255.4 (BG/Bulgaria/4.bgports.bg)
Failures: 5 (mod_security)
Interval: 3600 seconds
Blocked: Permanent Block [LF_MODSEC]
Log entries:
[Thu Mar 28 11:07:05.172107 2024] [:error] [pid 60252:tid 139766892787456] [client 91.238.255.4:54650] [client 91.238.255.4] ModSecurity: Access denied with code 403 (phase 2). Match of "contains /wp-json/yoast/" against "REQUEST_URI" required. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "17"] [id "211540"] [rev "14"] [msg "COMODO WAF: Blind SQL Injection Attack||43.105.247.29|F|2"] [data "Matched Data: SELECT * FROM mysql.users found within REQUEST_URI: /index.php?SELECT%20*%20FROM%20mysql.users"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "43.105.247.29"] [uri "/index.php"] [unique_id "ZgUzOSQ7YW9-nwQzwPEtQwAAANA"], referer: https://hosting.ven.com:2031/
[Thu Mar 28 11:15:38.619353 2024] [:error] [pid 59712:tid 139766859216640] [client 91.238.255.4:54738] [client 91.238.255.4] ModSecurity: Access denied with code 403 (phase 2). Match of "contains /wp-json/yoast/" against "REQUEST_URI" required. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "17"] [id "211540"] [rev "14"] [msg "COMODO WAF: Blind SQL Injection Attack||43.105.247.29|F|2"] [data "Matched Data: SELECT * FROM mysql.users found within REQUEST_URI: /index.php?SELECT%20*%20FROM%20mysql.users"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "43.105.247.29"] [uri "/index.php"] [unique_id "ZgU1OnV9zH5PZsJbMuf24AAAAJQ"], referer: https://hosting.ven.com:2031/
[Thu Mar 28 11:15:43.853579 2024] [:error] [pid 60252:tid 139767018678016] [client 91.238.255.4:54740] [client 91.238.255.4] ModSecurity: Access denied with code 403 (phase 2). Match of "contains /wp-json/yoast/" against "REQUEST_URI" required. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "17"] [id "211540"] [rev "14"] [msg "COMODO WAF: Blind SQL Injection Attack||43.105.247.29|F|2"] [data "Matched Data: SELECT * FROM mysql.users found within REQUEST_URI: /index.php?SELECT%20*%20FROM%20mysql.users"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "43.105.247.29"] [uri "/index.php"] [unique_id "ZgU1PyQ7YW9-nwQzwPEtYgAAAME"], referer: https://hosting.ven.com:2031/
[Thu Mar 28 11:15:45.091700 2024] [:error] [pid 59712:tid 139766850823936] [client 91.238.255.4:54742] [client 91.238.255.4] ModSecurity: Access denied with code 403 (phase 2). Match of "contains /wp-json/yoast/" against "REQUEST_URI" required. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "17"] [id "211540"] [rev "14"] [msg "COMODO WAF: Blind SQL Injection Attack||43.105.247.29|F|2"] [data "Matched Data: SELECT * FROM mysql.users found within REQUEST_URI: /index.php?SELECT%20*%20FROM%20mysql.users"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "43.105.247.29"] [uri "/index.php"] [unique_id "ZgU1QXV9zH5PZsJbMuf24QAAAJU"], referer: https://hosting.ven.com:2031/
[Thu Mar 28 11:15:45.868421 2024] [:error] [pid 59712:tid 139766842431232] [client 91.238.255.4:54744] [client 91.238.255.4] ModSecurity: Access denied with code 403 (phase 2). Match of "contains /wp-json/yoast/" against "REQUEST_URI" required. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "17"] [id "211540"] [rev "14"] [msg "COMODO WAF: Blind SQL Injection Attack||43.105.247.29|F|2"] [data "Matched Data: SELECT * FROM mysql.users found within REQUEST_URI: /index.php?SELECT%20*%20FROM%20mysql.users"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "43.105.247.29"] [uri "/index.php"] [unique_id "ZgU1QXV9zH5PZsJbMuf24gAAAJY"], referer: https://hosting.ven.com:2031/
What do I do?
Thanks in advance!
BR
Venty
5
Mod_Security / test mod security..???
« on: March 27, 2024, 05:07:44 PM »
Hi,
when I click the test mod security button: https://prnt.sc/UtFDAi3VYELK
, the result is this: https://prnt.sc/JgSZ1-UxDYNU
Where could the problem be?
Thanks in advance!
BR
Venty
when I click the test mod security button: https://prnt.sc/UtFDAi3VYELK
, the result is this: https://prnt.sc/JgSZ1-UxDYNU
Where could the problem be?
Thanks in advance!
BR
Venty
6
Information / How many disks are physically installed on the server?
« on: February 13, 2024, 10:33:28 AM »
Hi,
Can I find out through the panel how many disks are physically installed on the server?
Thanks !
BR
Venty
Can I find out through the panel how many disks are physically installed on the server?
Thanks !
BR
Venty
7
CentOS-WebPanel GUI / the memory is constantly busy...
« on: January 31, 2024, 02:27:09 PM »
Hi,
please look: https://prnt.sc/SqGY9XII8l4X
... the memory is constantly busy, when I restart the server it goes down, but after a while the lines fill up again ...
What to do?
Thanks in advance!
BR
Venty
please look: https://prnt.sc/SqGY9XII8l4X
... the memory is constantly busy, when I restart the server it goes down, but after a while the lines fill up again ...
What to do?
Thanks in advance!
BR
Venty
8
PHP / upgrade the version of ICU???
« on: January 31, 2024, 11:51:39 AM »
Hi,
how to upgrade the version of ICU, to a higher one - pls look: https://prnt.sc/F_9T_pt2l7rt ?
Is the ICU version tied to the PHP version or can either be added?
Thanks in advance!
BR
Venty
how to upgrade the version of ICU, to a higher one - pls look: https://prnt.sc/F_9T_pt2l7rt ?
Is the ICU version tied to the PHP version or can either be added?
Thanks in advance!
BR
Venty
9
PHP / Re: to PHP Version 8.2.8 and started getting messages like....
« on: September 11, 2023, 09:23:39 AM »
lfd ..., but there are too many, over 100 in 24 hours ....
10
PHP / Re: to PHP Version 8.2.8 and started getting messages like....
« on: September 11, 2023, 05:21:00 AM »Hi,
Hello, today I upgraded to PHP Version 8.2.8 and started getting messages like:
................................................
Executable: /opt/alt/php-fpm82/usr/sbin/php-fpm
Command Line: php-fpm: pool .....
PID...............
What's going on?
Thanks in advance!
BR
Venty
11
PHP / to PHP Version 8.2.8 and started getting messages like....
« on: September 07, 2023, 01:50:15 PM »
Hi,
Hello, today I upgraded to PHP Version 8.2.8 and started getting messages like:
................................................
Executable: /opt/alt/php-fpm82/usr/sbin/php-fpm
Command Line: php-fpm: pool .....
PID...............
What's going on?
Thanks in advance!
BR
Venty
Hello, today I upgraded to PHP Version 8.2.8 and started getting messages like:
................................................
Executable: /opt/alt/php-fpm82/usr/sbin/php-fpm
Command Line: php-fpm: pool .....
PID...............
What's going on?
Thanks in advance!
BR
Venty
12
CentOS 7 Problems / Re: is this a server ... please help ...
« on: August 25, 2023, 08:29:57 AM »...
Then Ajax.
.....
please some guidance and/or direction for Ajax…
13
CentOS 7 Problems / Re: is this a server ... please help ...
« on: August 25, 2023, 07:10:09 AM »
thanks for the reply...
To be honest, I have no information, maybe they use Cpanel...
... but regardless I'm asking for help, I should happen to import this demo..., something to change on my server settings?
Thanks in advance!
To be honest, I have no information, maybe they use Cpanel...
... but regardless I'm asking for help, I should happen to import this demo..., something to change on my server settings?
Thanks in advance!
14
CentOS 7 Problems / Re: is this a server ... please help ...
« on: August 25, 2023, 05:59:13 AM »
HI,
I'm sorry, but I don't understand...
The demo is developed by a vendor and I can hardly convince him to change anything….
Another question arises the same demo on other servers runs without problems...
What should I change to make it happen on my server too...
Thanks in advance!
BR
Venty
I'm sorry, but I don't understand...
The demo is developed by a vendor and I can hardly convince him to change anything….
Another question arises the same demo on other servers runs without problems...
What should I change to make it happen on my server too...
Thanks in advance!
BR
Venty
15
CentOS 7 Problems / is this a server ... please help ...
« on: August 24, 2023, 10:22:22 AM »
Hi,
Hello,
I want to upload a WordPress demo and people write that it was uploaded for a maximum of 10 minutes, but for me it runs for 50 minutes and gives me an error, I tried several times and it was not an error 500, 501, 503 and others...
In error logs it gives me some [Thu Aug 24 13:03:18.783980 2023] [core:error] [pid 1627:tid 140575420446464] [client 98.255.202.4:55879] Script timed out before returning headers: admin-ajax.php, referer: http://rd.eu/wp-admin/themes.php?page=rigid-optionsframework
is this a server ... please help ...
BR
Venty
Hello,
I want to upload a WordPress demo and people write that it was uploaded for a maximum of 10 minutes, but for me it runs for 50 minutes and gives me an error, I tried several times and it was not an error 500, 501, 503 and others...
In error logs it gives me some [Thu Aug 24 13:03:18.783980 2023] [core:error] [pid 1627:tid 140575420446464] [client 98.255.202.4:55879] Script timed out before returning headers: admin-ajax.php, referer: http://rd.eu/wp-admin/themes.php?page=rigid-optionsframework
is this a server ... please help ...
BR
Venty