Facebook
TwitterMichael Huber
Basic Pleskian
I read the howto to find out the ID .. but in my logfile there is to this event no ID..
how can I stop the admins from being blocked?
--13f9e059-A--
[09/Apr/2019:17:09:57 +0200] XKy1wVdi8vEAAEi-kCsAAAAA xx.xx.xx.xx 53359 xx.xx.xx.xx 7081
--13f9e059-B--
POST /wp-admin/admin-ajax.php HTTP/1.0
Host: www.hide.tld
X-Real-IP: xx.xx.xx.xx
X-Accel-Internal: /internal-nginx-static-location
Connection: close
Content-Length: 53
accept: */*
origin: https://www.hide.tld
x-requested-with: XMLHttpRequest
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
referer: https://www.hide.tld/wp-admin/admin.php?page=wps_overview_page
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
cookie: wordpress_sec_4c8b704ba82cbdcef4248d59ea76abb9=poshpi%7C1554798484%7C5atVLz83oa0Vt0ezr4Vhxogk0z7Amv86mrdOBsXBMCQ%7C0afb0fb4f45f7a2916610eb016d9e9c894771f6829e8d6c75fa7dde4f094e4b2; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_4c8b704ba82cbdcef4248d59ea76abb9=poshpi%7C1554798484%7C5atVLz83oa0Vt0ezr4Vhxogk0z7Amv86mrdOBsXBMCQ%7C14183ffa3f9a8f626a2cbee14312a91891aadd5f3633035da6f1407697754f7a; PHPSESSID=dpsqbddv7ou7i1qqinnhjmng77; wp-settings-3=editor%3Dtinymce%26libraryContent%3Dbrowse%26imgsize%3Dfull%26advImgDetails%3Dshow; wp-settings-time-3=1554625687
--13f9e059-C--
action=wp_statistics_get_widget_contents&widget=about
--13f9e059-F--
HTTP/1.1 400 Bad Request
X-Powered-By: PHP/7.0.33
Pragma: no-cache
Access-Control-Allow-Origin: https://www.hide.tld
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Powered-By: PleskLin
Connection: close
Content-Type: text/html; charset=UTF-8
--13f9e059-H--
Apache-Handler: proxy:unix:///var/www/vhosts/system/hide.tld/php-fpm.sock|fcgi://localhost/
Stopwatch: 1554822593850232 3399627 (- - -)
Stopwatch2: 1554822593850232 3399627; combined=3395, p1=2, p2=3383, p3=4, p4=1, p5=4, sr=0, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.8.0 (ModSecurity: Open Source Web Application Firewall 201810311011.
Server: Apache
Engine-Mode: "DETECTION_ONLY"
--13f9e059-Z--
how can I stop the admins from being blocked?
--13f9e059-A--
[09/Apr/2019:17:09:57 +0200] XKy1wVdi8vEAAEi-kCsAAAAA xx.xx.xx.xx 53359 xx.xx.xx.xx 7081
--13f9e059-B--
POST /wp-admin/admin-ajax.php HTTP/1.0
Host: www.hide.tld
X-Real-IP: xx.xx.xx.xx
X-Accel-Internal: /internal-nginx-static-location
Connection: close
Content-Length: 53
accept: */*
origin: https://www.hide.tld
x-requested-with: XMLHttpRequest
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
referer: https://www.hide.tld/wp-admin/admin.php?page=wps_overview_page
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
cookie: wordpress_sec_4c8b704ba82cbdcef4248d59ea76abb9=poshpi%7C1554798484%7C5atVLz83oa0Vt0ezr4Vhxogk0z7Amv86mrdOBsXBMCQ%7C0afb0fb4f45f7a2916610eb016d9e9c894771f6829e8d6c75fa7dde4f094e4b2; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_4c8b704ba82cbdcef4248d59ea76abb9=poshpi%7C1554798484%7C5atVLz83oa0Vt0ezr4Vhxogk0z7Amv86mrdOBsXBMCQ%7C14183ffa3f9a8f626a2cbee14312a91891aadd5f3633035da6f1407697754f7a; PHPSESSID=dpsqbddv7ou7i1qqinnhjmng77; wp-settings-3=editor%3Dtinymce%26libraryContent%3Dbrowse%26imgsize%3Dfull%26advImgDetails%3Dshow; wp-settings-time-3=1554625687
--13f9e059-C--
action=wp_statistics_get_widget_contents&widget=about
--13f9e059-F--
HTTP/1.1 400 Bad Request
X-Powered-By: PHP/7.0.33
Pragma: no-cache
Access-Control-Allow-Origin: https://www.hide.tld
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Powered-By: PleskLin
Connection: close
Content-Type: text/html; charset=UTF-8
--13f9e059-H--
Apache-Handler: proxy:unix:///var/www/vhosts/system/hide.tld/php-fpm.sock|fcgi://localhost/
Stopwatch: 1554822593850232 3399627 (- - -)
Stopwatch2: 1554822593850232 3399627; combined=3395, p1=2, p2=3383, p3=4, p4=1, p5=4, sr=0, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.8.0 (ModSecurity: Open Source Web Application Firewall 201810311011.
Server: Apache
Engine-Mode: "DETECTION_ONLY"
--13f9e059-Z--