...
[Thu Oct 20 19:05:43.672699 2016]
[proxy_fcgi:error] [pid 25519:tid 139963437930240] [client 77.75.76.162:46600] AH01071: Got error 'PHP message: PHP Warning: include():
open_basedir restriction in effect. File(
/home/krafhcnc/public_html/jodablog.com/wp-content/plugins/wp-super-cache/wp-cache-base.php)
is not within the allowed path(s): (
/var/www/vhosts/jodablog.com/:/tmp/) in /var/www/vhosts/jodablog.com/httpdocs/wp-content/plugins/wp-super-cache/wp-cache.php on line 65\nPHP message: PHP Warning: include(/home/krafhcnc/public_html/jodablog.com/wp-content/plugins/wp-super-cache/wp-cache-base.php): failed to open stream: Operation not permitted in /var/www/vhosts/jodablog.com/httpdocs/wp-content/plugins/wp-super-cache/wp-cache.php on line 65\nPHP message: PHP Warning: include(): Failed opening '/home/krafhcnc/public_html/jodablog.com/wp-content/plugins/wp-super-cache/wp-cache-base.php' for inclusion (include_path='.:/usr/share/php') in /var/www/vhosts/jodablog.com/httpdocs/wp-content/plugins/wp-super-cache/wp-cache.php on line 65\nPHP message: PHP Warning: include_once(): open_basedir restriction in effect. File(/home/krafhcnc/public_html/jodablog.com/wp-content/plugins/wp-super-cache/ossdl-cdn.php) is not within the allowed path(s): (/var/www/vhosts/jodablog.com/:/tmp/) in /var/www/vhosts/jodablog.com/httpdocs/wp-content/plugins/wp-super-cache/wp-cache.php on line 82\nPHP message: PHP Warning: include_once(/home/krafhcnc/public_html/jodablog.com/wp-content/plugins/wp-super-cache/ossdl-cdn.php): failed to open stream: Operation not permitted in /var/www/vhosts/jodablog.com/httpdocs/wp-content/plugins/wp-super-cache/wp-cache.php on line 82\nPHP message: PHP Warning: include_once(): Failed opening '/home/krafhcnc/public_html/jodablog.com/wp-content/plugins/wp-super-cache/ossdl-cdn.php' for inclusion (include_path='.:/usr/share/php') in /var/www/vhosts/jodablog.com/httpdocs/wp-content/plugins/wp-super-cache/wp-cache.php on line 82\n'
...
...
[Sun Oct 23 14:53:52.633651 2016]
[:error] [pid 6556:tid 139627397269248] [client 46.119.127.129] ModSecurity: Access denied with code 403 (phase 2).
Match of "rx ^(\\\\d*|uploads\\\\/.*\\\\.(jpeg|jpg|gif|png|bmp))$" against "ARGS_GET:img" required. [file "/etc/apache2/modsecurity.d/rules/comodo/29_Apps_WPPlugin.conf"] [line "624"] [id "222050"] [rev "4"] [msg "COMODO WAF:
Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress (CVE-2014-9734)||jodablog.com|F|2"] [hostname "jodablog.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "WAzA8H8AAQEAABmcOLAAAABA"]
...
...
[Sun Oct 23 14:53:54.011700 2016]
[:error] [pid 6556:tid 139627230881536] [client 46.119.127.129] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?
?<!\\\\w)(?:\\\\.(?:ht(?:access|group|passwd)|www_{0,1}acl)|boot\\\\.ini|global\\\\.asa|httpd\\\\.conf)\\\\b|/etc/)" at ARGS:file_link. [file "/etc/apache2/modsecurity.d/rules/comodo/01_Global_Generic.conf"] [line "52"] [id "211190"] [rev "8"] [msg "COMODO WAF:
Remote File Access Attempt||jodablog.com|F|2"] [data "Matched Data: /etc/ found within ARGS:file_link: /etc/passwd"] [severity "CRITICAL"] [hostname "jodablog.com"] [uri "
/wp-content/plugins/recent-backups/download-file.php"] [unique_id "WAzA8n8AAQEAABmcOLIAAABL"]
...
[uri "
/wp-content/plugins/wptf-image-gallery/lib-mbox/ajax_load.php"]
...
...
[uri "
/wp-content/plugins/simple-image-manipulator/controller/download.php"]
...
...
[uri "
/wp-content/plugins/candidate-application-form/downloadpdffile.php"]
...
...
[uri "
/wp-content/plugins/wp-ecommerce-shop-styling/includes/download.php"]
...
...
[Wed Oct 26 08:46:32.667707 2016]
[:error] [pid 2447] [client 195.154.242.146] ModSecurity:
Multipart parsing error (init): Multipart: Invalid boundary in C-T (characters). [hostname "jodablog.com"] [uri "/"] [unique_id "WBBfWH8AAQEAAAmPeRUAAAAD"]
[Wed Oct 26 08:46:32.668140 2016] [:error] [pid 2447] [client 195.154.242.146] ModSecurity: Warning.
Match of "eq 0" against "REQBODY_ERROR" required. [file "/etc/apache2/modsecurity.d/rules/comodo/12_HTTP_Protocol.conf"] [line "27"] [id "210230"] [rev "2"] [msg "COMODO WAF: The request body could not be parsed. Possibility of an impedance mismatch attack. This is not a false positive.||jodablog.com|F|2"] [data "Multipart:
Invalid boundary in C-T (characters)."] [severity "CRITICAL"] [hostname "jodablog.com"] [uri "/"] [unique_id "WBBfWH8AAQEAAAmPeRUAAAAD"]
...