Possible SQL injection attempt detected

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
Post Reply
User avatar
</Solidjeuh>
Registered User
Posts: 1153
Joined: Tue Mar 29, 2016 3:45 am
Location: Aalst (Belgium)
Name: Andy Dm
Contact:

Possible SQL injection attempt detected

Post by </Solidjeuh> » Sun Nov 04, 2018 10:32 pm

My error logs are showing 175 lines with the same message. Was the forum under attack?
Started on: Nov 04 22:15:18
And stopped on: Nov 04 22:29:11

Code: Select all

[Sun Nov 04 22:29:11.350609 2018] [:error] [pid 1508:tid 140497270560512] [client 94.103.9.30:43690] [client 94.103.9.30] ModSecurity:  [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "69"] [id "33340016"] [rev "32"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: Possible SQL injection attempt detected"] [data "union all select null,null,null,null,null,null,null,null,null,null#"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Pattern match "(?:(?:select|grant|delete|drop|alter|replace|truncate|create|rename|describe)[[:space:]]+[a-z|0-9|\\\\*|\\\\,]+[[:space:]]+(?:into|table|database|index|view)[[:space:]]+[a-z|0-9|\\\\*| |\\\\,]|\\\\bunion\\\\b.{1,256}?select.{1,256}[a-z0-9].{1,256}(?:from|#|, ?[0-9 ..." at ARGS:f. [hostname "www.allerleidierenforum.eu"] [uri "/viewforum.php"] [unique_id "W99kp7u4GpLuEDsqQ2z8CgAAAMA"]
:: EDIT ::

I see that address was already reported for SQL attacks.
https://www.abuseipdb.com/check/94.103.9.30
We offer fun HTML5 games for young and old.
Register a free account & enjoy all functions!
Save your score, challenge other members or play along with our tournaments.


~~~ https://www.solidjeuh.be ~~~

Post Reply

Return to “[3.2.x] Support Forum”

Who is online

Users browsing this forum: </Solidjeuh>, AmigoJack, Bermudez, droomeg and 24 guests