Hello,
I am getting the following in my /var/log/apache2/access.log. It is an
attack I believe, as it has "http://". Please correct me if I am wrong.
They have correctly identified my domain name also. Is it possible to
prevent these by installing and configuring modsecurity ? Please
suggest. Thanks.
146.0.72.182 - - [17/Jul/2014:23:37:27 +0000] "POST
http://MY-DOMAIN.COM/wp-login.php/ HTTP/1.1" 200 3968 "-" "Mozilla/5.0
(Windows; U; Windows NT 5.1; ru; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2"
146.0.72.182 - - [17/Jul/2014:23:37:29 +0000] "POST
http://MY-DOMAIN.COM/wp-login.php/ HTTP/1.1" 200 3968 "-" "Mozilla/5.0
(Windows; U; Windows NT 5.1; ru; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2"
146.0.72.182 - - [17/Jul/2014:23:37:30 +0000] "POST
http://MY-DOMAIN.COM/wp-login.php/ HTTP/1.1" 200 3968 "-" "Mozilla/5.0
(Windows; U; Windows NT 5.1; ru; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2"
146.0.72.182 - - [17/Jul/2014:23:37:30 +0000] "POST
http://MY-DOMAIN.COM/wp-login.php/ HTTP/1.1" 200 3968 "-" "Mozilla/5.0
(Windows; U; Windows NT 5.1; ru; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2"
146.0.72.182 - - [17/Jul/2014:23:37:31 +0000] "POST
http://MY-DOMAIN.COM/wp-login.php/ HTTP/1.1" 200 3968 "-" "Mozilla/5.0
(Windows; U; Windows NT 5.1; ru; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2"
146.0.72.182 - - [17/Jul/2014:23:37:32 +0000] "POST
http://MY-DOMAIN.COM/wp-login.php/ HTTP/1.1" 200 3968 "-" "Mozilla/5.0
(Windows; U; Windows NT 5.1; ru; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2"
146.0.72.182 - - [17/Jul/2014:23:37:33 +0000] "POST
http://MY-DOMAIN.COM/wp-login.php/ HTTP/1.1" 200 3968 "-" "Mozilla/5.0
(Windows; U; Windows NT 5.1; ru; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2"
146.0.72.182 - - [17/Jul/2014:23:37:33 +0000] "POST
http://MY-DOMAIN.COM/wp-login.php/ HTTP/1.1" 200 3968 "-" "Mozilla/5.0
(Windows; U; Windows NT 5.1; ru; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2"
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set