⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.19
Server IP:
178.33.27.10
Server:
Linux cpanel.dev-unit.com 3.10.0-1160.108.1.el7.x86_64 #1 SMP Thu Jan 25 16:17:31 UTC 2024 x86_64
Server Software:
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
PHP Version:
8.2.11
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
usr
/
local
/
apache
/
domlogs
/
View File Name :
hegazy.mysuits.app.error.log
[Wed Nov 20 14:28:02.736549 2024] [authz_core:error] [pid 19605:tid 140712748422912] [client 64.226.78.121:57608] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/server-status [Wed Nov 20 14:28:03.314305 2024] [authz_core:error] [pid 19698:tid 140712532182784] [client 142.93.143.8:51348] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/server-status [Wed Nov 20 14:29:14.171309 2024] [autoindex:error] [pid 19604:tid 140712641287936] [client 195.211.77.140:60994] AH01276: Cannot serve directory /home/mysuits/hegazy.mysuits.app/: No matching DirectoryIndex (index.php,index.html.var,index.htm,index.html,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive [Wed Nov 20 15:07:24.731335 2024] [:error] [pid 19698:tid 140712790386432] [client 102.47.188.49:58710] [client 102.47.188.49] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: : found within REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75: {\\x22uuid\\x22:\\x221.70hfMXGnHHWlw422NGIF2Oho6PCjdvxIaBViv2JF15IihkRRtDvzRkE1kMxzQanoZ0fE8TczfGuNRTMij08qhBnAB6z2H9z0ymEzGuCjLGPthgghRkRr\\x22,\\x22version\\x22:3,\\x22domain\\x22:\\x22mysuits.app\\x22,\\x22ts\\x22:1731559738598}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "hegazy.mysuits.app"] [uri "/"] [unique_id "Zz3fDAhP1xtHCdj7gbo3bwAAAMA"] [Wed Nov 20 15:07:24.977292 2024] [:error] [pid 19698:tid 140712773601024] [client 102.47.188.49:58710] [client 102.47.188.49] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: : found within REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75: {\\x22uuid\\x22:\\x221.70hfMXGnHHWlw422NGIF2Oho6PCjdvxIaBViv2JF15IihkRRtDvzRkE1kMxzQanoZ0fE8TczfGuNRTMij08qhBnAB6z2H9z0ymEzGuCjLGPthgghRkRr\\x22,\\x22version\\x22:3,\\x22domain\\x22:\\x22mysuits.app\\x22,\\x22ts\\x22:1731559738598}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "hegazy.mysuits.app"] [uri "/favicon.ico"] [unique_id "Zz3fDAhP1xtHCdj7gbo3cAAAAMI"], referer: https://hegazy.mysuits.app/ [Wed Nov 20 15:21:49.175426 2024] [core:error] [pid 23688:tid 140712574146304] [client 102.47.188.49:59143] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/hegazy.mysuits.app/public/storage, referer: https://hegazy.mysuits.app/ar [Wed Nov 20 15:22:48.180234 2024] [core:error] [pid 23688:tid 140712557360896] [client 102.47.188.49:59150] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/hegazy.mysuits.app/public/storage, referer: https://hegazy.mysuits.app/ar [Wed Nov 20 15:26:12.505915 2024] [core:error] [pid 23688:tid 140712565753600] [client 41.237.200.22:1971] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/hegazy.mysuits.app/public/storage, referer: https://hegazy.mysuits.app/admin/settings/update/general [Wed Nov 27 15:07:09.980445 2024] [autoindex:error] [pid 1176:tid 140381576410880] [client 197.46.117.93:40934] AH01276: Cannot serve directory /home/mysuits/hegazy.mysuits.app/public/storage/: No matching DirectoryIndex (index.php,index.html.var,index.htm,index.html,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive [Wed Nov 27 15:09:27.950983 2024] [autoindex:error] [pid 1176:tid 140381693908736] [client 197.46.117.93:53508] AH01276: Cannot serve directory /home/mysuits/hegazy.mysuits.app/public/storage/: No matching DirectoryIndex (index.php,index.html.var,index.htm,index.html,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive [Wed Nov 27 15:12:55.627806 2024] [autoindex:error] [pid 31947:tid 140381821507328] [client 197.46.117.93:57752] AH01276: Cannot serve directory /home/mysuits/hegazy.mysuits.app/public/storage/: No matching DirectoryIndex (index.php,index.html.var,index.htm,index.html,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive [Sun Dec 08 16:57:20.717069 2024] [:error] [pid 19119:tid 139647933949696] [client 156.204.103.52:3143] From github.com:mo-abouabda/my-suits-egypt, referer: https://hegazy.mysuits.app/admin/settings/upgrade-version [Sun Dec 08 16:57:20.717128 2024] [:error] [pid 19119:tid 139647933949696] [client 156.204.103.52:3143] * branch main -> FETCH_HEAD, referer: https://hegazy.mysuits.app/admin/settings/upgrade-version [Sun Dec 08 16:57:20.744295 2024] [:error] [pid 19119:tid 139647933949696] [client 156.204.103.52:3143] PHP Parse error: syntax error, unexpected 'class' (T_CLASS), expecting identifier (T_STRING) or variable (T_VARIABLE) or '{' or '$' in /home/mysuits/hegazy.mysuits.app/artisan on line 33, referer: https://hegazy.mysuits.app/admin/settings/upgrade-version [Sun Dec 15 09:30:36.153758 2024] [:error] [pid 31138:tid 139642106578688] [client 197.58.125.229:55477] [client 197.58.125.229] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: : found within REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75: {\\x22uuid\\x22:\\x221.70hfMXGnHHWlw422NGIF2Oho6PCjdvxIaBViv2JF15IihkRRtDvzRkE1kMxzQanoZ0fE8TczfGuNRTMij08qhBnAB6z2H9z0ymEzGuCjLGPthgghRkRr\\x22,\\x22version\\x22:3,\\x22domain\\x22:\\x22mysuits.app\\x22,\\x22ts\\x22:1731559738598}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "hegazy.mysuits.app"] [uri "/"] [unique_id "Z16FnPM-9_8hCy5tYTObQgAAAEA"] [Sun Dec 15 09:30:36.311440 2024] [:error] [pid 31138:tid 139642089793280] [client 197.58.125.229:55477] [client 197.58.125.229] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: : found within REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75: {\\x22uuid\\x22:\\x221.70hfMXGnHHWlw422NGIF2Oho6PCjdvxIaBViv2JF15IihkRRtDvzRkE1kMxzQanoZ0fE8TczfGuNRTMij08qhBnAB6z2H9z0ymEzGuCjLGPthgghRkRr\\x22,\\x22version\\x22:3,\\x22domain\\x22:\\x22mysuits.app\\x22,\\x22ts\\x22:1731559738598}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "hegazy.mysuits.app"] [uri "/favicon.ico"] [unique_id "Z16FnPM-9_8hCy5tYTObQwAAAEI"], referer: https://hegazy.mysuits.app/ [Sun Dec 22 22:40:15.887149 2024] [:error] [pid 11647:tid 139766758569728] [client 45.148.10.235:39266] [client 45.148.10.235] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:c(?:o(?:n(?:t(?:entsmartz|actbot/)|cealed defense|veracrawler)|mpatible(?: ;(?: msie|\\\\.)|-)|py(?:rightcheck|guard)|re-project/1.0)|h(?:ina(?: local browse 2\\\\.|claw)|e(?:rrypicker|esebot))|rescent internet toolpak)|w(?:e(?:b(?: (?:downloader|by ..." at REQUEST_HEADERS:User-Agent. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_35_bad_robots.conf"] [line "27"] [id "990012"] [rev "2"] [msg "Rogue web site crawler"] [data "EmailWolf"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/AUTOMATION/MALICIOUS"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "hegazy.mysuits.app"] [uri "/"] [unique_id "Z2h5LzD8onHQCgJu9l_fYQAAAFU"] [Thu Dec 26 13:25:19.560228 2024] [:error] [pid 12472:tid 139704560449280] [client 197.58.67.255:57517] [client 197.58.67.255] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: : found within REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75: {\\x22uuid\\x22:\\x221.70hfMXGnHHWlw422NGIF2Oho6PCjdvxIaBViv2JF15IihkRRtDvzRkE1kMxzQanoZ0fE8TczfGuNRTMij08qhBnAB6z2H9z0ymEzGuCjLGPthgghRkRr\\x22,\\x22version\\x22:3,\\x22domain\\x22:\\x22mysuits.app\\x22,\\x22ts\\x22:1731559738598}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "hegazy.mysuits.app"] [uri "/admin"] [unique_id "Z209H2LrjUnVn6gKufn2nAAAAIA"] [Thu Dec 26 13:25:19.815589 2024] [:error] [pid 12472:tid 139704481609472] [client 197.58.67.255:57517] [client 197.58.67.255] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: : found within REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75: {\\x22uuid\\x22:\\x221.70hfMXGnHHWlw422NGIF2Oho6PCjdvxIaBViv2JF15IihkRRtDvzRkE1kMxzQanoZ0fE8TczfGuNRTMij08qhBnAB6z2H9z0ymEzGuCjLGPthgghRkRr\\x22,\\x22version\\x22:3,\\x22domain\\x22:\\x22mysuits.app\\x22,\\x22ts\\x22:1731559738598}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "hegazy.mysuits.app"] [uri "/favicon.ico"] [unique_id "Z209H2LrjUnVn6gKufn2nQAAAIE"], referer: https://hegazy.mysuits.app/admin [Thu Dec 26 13:25:23.458369 2024] [:error] [pid 12472:tid 139704473216768] [client 197.58.67.255:57517] [client 197.58.67.255] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: : found within REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75: {\\x22uuid\\x22:\\x221.70hfMXGnHHWlw422NGIF2Oho6PCjdvxIaBViv2JF15IihkRRtDvzRkE1kMxzQanoZ0fE8TczfGuNRTMij08qhBnAB6z2H9z0ymEzGuCjLGPthgghRkRr\\x22,\\x22version\\x22:3,\\x22domain\\x22:\\x22mysuits.app\\x22,\\x22ts\\x22:1731559738598}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "hegazy.mysuits.app"] [uri "/"] [unique_id "Z209I2LrjUnVn6gKufn2ngAAAII"] [Thu Dec 26 13:25:23.599316 2024] [:error] [pid 12472:tid 139704464824064] [client 197.58.67.255:57517] [client 197.58.67.255] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: : found within REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75: {\\x22uuid\\x22:\\x221.70hfMXGnHHWlw422NGIF2Oho6PCjdvxIaBViv2JF15IihkRRtDvzRkE1kMxzQanoZ0fE8TczfGuNRTMij08qhBnAB6z2H9z0ymEzGuCjLGPthgghRkRr\\x22,\\x22version\\x22:3,\\x22domain\\x22:\\x22mysuits.app\\x22,\\x22ts\\x22:1731559738598}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "hegazy.mysuits.app"] [uri "/favicon.ico"] [unique_id "Z209I2LrjUnVn6gKufn2nwAAAIM"], referer: https://hegazy.mysuits.app/ [Thu Dec 26 13:48:01.429836 2024] [:error] [pid 14922:tid 139704448038656] [client 197.58.67.255:57627] [client 197.58.67.255] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: : found within REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75: {\\x22uuid\\x22:\\x221.70hfMXGnHHWlw422NGIF2Oho6PCjdvxIaBViv2JF15IihkRRtDvzRkE1kMxzQanoZ0fE8TczfGuNRTMij08qhBnAB6z2H9z0ymEzGuCjLGPthgghRkRr\\x22,\\x22version\\x22:3,\\x22domain\\x22:\\x22mysuits.app\\x22,\\x22ts\\x22:1731559738598}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "hegazy.mysuits.app"] [uri "/"] [unique_id "Z21CcWozzFpOMmUQdU2Y5QAAAIU"] [Thu Dec 26 13:48:01.567789 2024] [:error] [pid 14922:tid 139704431253248] [client 197.58.67.255:57627] [client 197.58.67.255] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: : found within REQUEST_COOKIES:twk_uuid_666aee3b9a809f19fb3d3f75: {\\x22uuid\\x22:\\x221.70hfMXGnHHWlw422NGIF2Oho6PCjdvxIaBViv2JF15IihkRRtDvzRkE1kMxzQanoZ0fE8TczfGuNRTMij08qhBnAB6z2H9z0ymEzGuCjLGPthgghRkRr\\x22,\\x22version\\x22:3,\\x22domain\\x22:\\x22mysuits.app\\x22,\\x22ts\\x22:1731559738598}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "hegazy.mysuits.app"] [uri "/favicon.ico"] [unique_id "Z21CcWozzFpOMmUQdU2Y5gAAAIc"], referer: https://hegazy.mysuits.app/ [Mon Jan 06 16:12:00.620924 2025] [:error] [pid 31413:tid 139995977336576] [client 156.204.166.49:1812] From github.com:mo-abouabda/my-suits-egypt, referer: https://hegazy.mysuits.app/admin/settings/upgrade-version [Mon Jan 06 16:12:00.621000 2025] [:error] [pid 31413:tid 139995977336576] [client 156.204.166.49:1812] * branch main -> FETCH_HEAD, referer: https://hegazy.mysuits.app/admin/settings/upgrade-version [Mon Jan 06 16:12:00.723392 2025] [:error] [pid 31413:tid 139995977336576] [client 156.204.166.49:1812] PHP Parse error: syntax error, unexpected 'class' (T_CLASS), expecting identifier (T_STRING) or variable (T_VARIABLE) or '{' or '$' in /home/mysuits/hegazy.mysuits.app/artisan on line 33, referer: https://hegazy.mysuits.app/admin/settings/upgrade-version [Sun Jan 19 00:54:19.183317 2025] [authz_core:error] [pid 847:tid 140008618948352] [client 206.81.24.227:49638] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/public/server-status [Sun Jan 19 00:54:20.107198 2025] [authz_core:error] [pid 847:tid 140008543414016] [client 206.81.24.227:54606] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/public/server-status [Sun Jan 19 08:11:37.662005 2025] [:error] [pid 3151:tid 139952281007872] [client 133.242.174.119:42368] Could not write to logfile: [Sun Jan 19 08:11:37.662041 2025] [:error] [pid 3151:tid 139952281007872] [client 133.242.174.119:42368] Printing message to stderr: [Sun Jan 19 08:11:37.662135 2025] [:error] [pid 3151:tid 139952281007872] [client 133.242.174.119:42368] [Sun Jan 19 08:11:37 2025] [info] Executing "/home/mysuits/hegazy.mysuits.app/public/index.php" as UID 1001, GID 1001 [Sun Jan 19 08:11:37.662140 2025] [:error] [pid 3151:tid 139952281007872] [client 133.242.174.119:42368] [Sun Jan 19 08:11:41.336149 2025] [:error] [pid 3151:tid 139952272615168] [client 133.242.174.119:42368] Could not write to logfile: [Sun Jan 19 08:11:41.336202 2025] [:error] [pid 3151:tid 139952272615168] [client 133.242.174.119:42368] Printing message to stderr: [Sun Jan 19 08:11:41.336313 2025] [:error] [pid 3151:tid 139952272615168] [client 133.242.174.119:42368] [Sun Jan 19 08:11:41 2025] [info] Executing "/home/mysuits/hegazy.mysuits.app/public/index.php" as UID 1001, GID 1001 [Sun Jan 19 08:11:41.336321 2025] [:error] [pid 3151:tid 139952272615168] [client 133.242.174.119:42368] [Sun Jan 19 13:43:33.228530 2025] [:error] [pid 5937:tid 139952537696000] [client 188.165.87.99:41649] Could not write to logfile: [Sun Jan 19 13:43:33.228571 2025] [:error] [pid 5937:tid 139952537696000] [client 188.165.87.99:41649] Printing message to stderr: [Sun Jan 19 13:43:33.228658 2025] [:error] [pid 5937:tid 139952537696000] [client 188.165.87.99:41649] [Sun Jan 19 13:43:33 2025] [info] Executing "/home/mysuits/hegazy.mysuits.app/public/index.php" as UID 1001, GID 1001 [Sun Jan 19 13:43:33.228662 2025] [:error] [pid 5937:tid 139952537696000] [client 188.165.87.99:41649] [Sun Jan 19 13:50:27.753083 2025] [:error] [pid 3151:tid 139952306185984] [client 217.182.186.38:42139] Could not write to logfile: [Sun Jan 19 13:50:27.753132 2[Thu Feb 13 05:56:16.770329 2025] [:error] [pid 2370:tid 139807342679808] [client 15.236.141.35:58546] [client 15.236.141.35] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:\\\\b(?:f(?:tp_(?:nb_)?f?(?:ge|pu)t|get(?:s?s|c)|scanf|write|open|read)|gz(?:(?:encod|writ)e|compress|open|read)|s(?:ession_start|candir)|read(?:(?:gz)?file|dir)|move_uploaded_file|(?:proc_|bz)open|call_user_func)|\\\\$_(?:(?:pos|ge)t|session))\\\\b" at ARGS:fw. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "233"] [id "958976"] [rev "2"] [msg "PHP Injection Attack"] [data "Matched Data: fwrite found within ARGS:fw: fwrite"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "hegazy.mysuits.app"] [uri "/wp-content/plugins/wp-ver.php"] [unique_id "Z61tYJQ90H5Zlpb8_kUgTgAAANA"], referer: www.google.com [Thu Feb 13 05:56:18.482918 2025] [:error] [pid 2370:tid 139807317501696] [client 15.236.141.35:62485] [client 15.236.141.35] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:\\\\b(?:f(?:tp_(?:nb_)?f?(?:ge|pu)t|get(?:s?s|c)|scanf|write|open|read)|gz(?:(?:encod|writ)e|compress|open|read)|s(?:ession_start|candir)|read(?:(?:gz)?file|dir)|move_uploaded_file|(?:proc_|bz)open|call_user_func)|\\\\$_(?:(?:pos|ge)t|session))\\\\b" at ARGS:fw. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "233"] [id "958976"] [rev "2"] [msg "PHP Injection Attack"] [data "Matched Data: fwrite found within ARGS:fw: fwrite"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "hegazy.mysuits.app"] [uri "/wp-content/plugins/wp-ver.php"] [unique_id "Z61tYpQ90H5Zlpb8_kUgTwAAANM"], referer: www.google.com [Wed Mar 19 00:55:51.216614 2025] [authz_core:error] [pid 7864:tid 140231051228928] [client 164.90.208.56:53286] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/public/server-status [Wed Mar 19 00:55:55.937907 2025] [authz_core:error] [pid 7863:tid 140231202297600] [client 164.90.208.56:44424] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/public/server-status [Tue May 06 11:14:24.528384 2025] [authz_host:error] [pid 29933:tid 140299644946176] [client 154.83.103.202:11398] AH01753: access check of 'localhost' to /server-status failed, reason: unable to get the remote host name [Tue May 06 11:14:24.528399 2025] [authz_core:error] [pid 29933:tid 140299644946176] [client 154.83.103.202:11398] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/public/server-status [Fri May 09 00:57:55.058726 2025] [authz_host:error] [pid 18303:tid 140635617097472] [client 154.83.103.106:10022] AH01753: access check of 'localhost' to /server-status failed, reason: unable to get the remote host name [Fri May 09 00:57:55.058752 2025] [authz_core:error] [pid 18303:tid 140635617097472] [client 154.83.103.106:10022] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/public/server-status [Sat May 17 12:31:25.369186 2025] [authz_core:error] [pid 24440:tid 140063060989696] [client 157.245.36.108:38294] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/public/server-status [Sat May 17 12:31:25.470552 2025] [authz_core:error] [pid 24351:tid 140063258384128] [client 178.128.207.138:42744] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/public/server-status [Sat May 17 12:31:25.545989 2025] [authz_core:error] [pid 24440:tid 140063027418880] [client 138.197.191.87:44680] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/public/server-status [Sat May 17 12:31:26.443007 2025] [authz_core:error] [pid 24351:tid 140063161702144] [client 139.59.132.8:41888] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/public/server-status [Sun May 18 08:26:06.215073 2025] [authz_host:error] [pid 26997:tid 140382180423424] [client 213.232.87.230:45233] AH01753: access check of 'localhost' to /server-status failed, reason: unable to get the remote host name [Sun May 18 08:26:06.215108 2025] [authz_core:error] [pid 26997:tid 140382180423424] [client 213.232.87.230:45233] AH01630: client denied by server configuration: /home/mysuits/hegazy.mysuits.app/public/server-status [Mon May 19 22:55:20.556864 2025] [core:error] [pid 811:tid 140148406712064] [client 23.94.206.30:52900] AH00524: Handler for (null) returned invalid result code 70008 [Mon May 19 22:55:20.566112 2025] [core:error] [pid 899:tid 140148565796608] [client 23.94.206.30:52897] AH00524: Handler for (null) returned invalid result code 70008 [Mon May 19 23:08:48.379770 2025] [core:error] [pid 899:tid 140148314392320] [client 23.94.206.30:55419] AH00524: Handler for (null) returned invalid result code 70008 [Mon May 19 23:08:48.538864 2025] [core:error] [pid 810:tid 140148431890176] [client 23.94.206.30:55431] AH00524: Handler for (null) returned invalid result code 70008 [Wed May 21 15:53:52.466078 2025] [core:error] [pid 20776:tid 140535549388544] [client 134.122.160.214:60670] AH00524: Handler for (null) returned invalid result code 70008 [Wed May 21 15:53:52.474498 2025] [core:error] [pid 20685:tid 140535423497984] [client 134.122.160.214:60668] AH00524: Handler for (null) returned invalid result code 70008 [Wed May 21 20:09:41.934151 2025] [core:error] [pid 20685:tid 140535656187648] [client 124.198.131.177:53554] AH00524: Handler for (null) returned invalid result code 70008 [Wed May 21 20:09:41.949000 2025] [core:error] [pid 20684:tid 140535647794944] [client 124.198.131.177:53557] AH00524: Handler for (null) returned invalid result code 70008