⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.101
Server IP:
178.33.27.10
Server:
Linux cpanel.dev-unit.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
Server Software:
Apache/2.4.62 (Unix) OpenSSL/1.0.2k-fips
PHP Version:
8.2.25
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
proc
/
self
/
root
/
usr
/
local
/
apache
/
domlogs
/
View File Name :
kayan.mysuits.app.error.log
[Thu May 15 11:43:50.908664 2025] [authz_core:error] [pid 1195:tid 140463837894400] [client 64.225.75.246:58862] AH01630: client denied by server configuration: /home/mysuits/kayan.mysuits.app/server-status [Thu May 15 11:43:51.174546 2025] [:error] [pid 1197:tid 140463829501696] [client 64.225.75.246:58960] File does not exist: /home/mysuits/kayan.mysuits.app/info.php [Thu May 15 11:43:51.920080 2025] [authz_core:error] [pid 1306:tid 140463863072512] [client 165.227.173.41:53442] AH01630: client denied by server configuration: /home/mysuits/kayan.mysuits.app/server-status [Thu May 15 11:43:52.510064 2025] [:error] [pid 1306:tid 140463837894400] [client 165.227.173.41:53522] File does not exist: /home/mysuits/kayan.mysuits.app/info.php [Thu May 15 11:48:20.150202 2025] [:error] [pid 1197:tid 140463617013504] [client 104.197.69.115:18313] SoftException in Application.cpp:249: File "/home/mysuits/kayan.mysuits.app/public/index.php" is writeable by group [Thu May 15 11:48:20.150230 2025] [core:error] [pid 1197:tid 140463617013504] [client 104.197.69.115:18313] End of script output before headers: index.php [Thu May 15 12:00:27.935355 2025] [:error] [pid 1195:tid 140463650584320] [client 205.169.39.171:55683] SoftException in Application.cpp:249: File "/home/mysuits/kayan.mysuits.app/public/index.php" is writeable by group [Thu May 15 12:00:27.935384 2025] [core:error] [pid 1195:tid 140463650584320] [client 205.169.39.171:55683] End of script output before headers: index.php [Thu May 15 12:11:02.283688 2025] [:error] [pid 1306:tid 140463734511360] [client 102.186.46.35:50229] SoftException in Application.cpp:249: File "/home/mysuits/kayan.mysuits.app/public/index.php" is writeable by group [Thu May 15 12:11:02.283715 2025] [core:error] [pid 1306:tid 140463734511360] [client 102.186.46.35:50229] End of script output before headers: index.php [Thu May 15 12:26:03.780272 2025] [core:error] [pid 6409:tid 140463734511360] [client 102.186.46.35:50369] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Thu May 15 12:36:14.611268 2025] [:error] [pid 7072:tid 140463837894400] [client 150.136.146.238:26832] [client 150.136.146.238] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/info@dev-unit.com"] [unique_id "aCW1jn8ONrejL_4pZCOPtQAAAMU"] [Thu May 15 12:36:37.214548 2025] [core:error] [pid 6409:tid 140463650584320] [client 205.169.39.30:15191] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: http://kayan.mysuits.app/ar [Thu May 15 17:30:04.084128 2025] [core:error] [pid 6409:tid 140463692547840] [client 54.244.171.131:58064] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: http://kayan.mysuits.app/ar [Thu May 15 17:30:08.118308 2025] [core:error] [pid 7072:tid 140463684155136] [client 54.244.171.131:58104] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: http://kayan.mysuits.app/ar [Fri May 16 18:04:55.781101 2025] [:error] [pid 6521:tid 140406473832192] [client 154.83.103.115:17082] [client 154.83.103.115] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".backup"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/env.backup"] [unique_id "aCdUF9b9TtOto3tLCrK7OAAAAI0"] [Fri May 16 18:05:02.095058 2025] [:error] [pid 6521:tid 140406557759232] [client 154.83.103.115:17082] [client 154.83.103.115] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/logs/aws/ses.log"] [unique_id "aCdUHtb9TtOto3tLCrK7ZwAAAIM"] [Sun May 18 17:39:47.727770 2025] [core:error] [pid 26903:tid 140382146852608] [client 54.160.199.255:60066] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Sun May 18 17:39:57.536183 2025] [core:error] [pid 7350:tid 140382396995328] [client 54.160.199.255:39474] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Sun May 18 17:39:58.544348 2025] [core:error] [pid 7350:tid 140382247565056] [client 54.160.199.255:39474] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Sun May 18 21:25:35.157726 2025] [core:error] [pid 26997:tid 140382163638016] [client 18.206.172.185:44126] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Sun May 18 21:25:44.030353 2025] [core:error] [pid 26997:tid 140382255957760] [client 18.206.172.185:41950] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Sun May 18 21:25:44.942753 2025] [core:error] [pid 26997:tid 140382247565056] [client 18.206.172.185:41950] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Mon May 19 00:01:51.788053 2025] [core:error] [pid 26997:tid 140382255957760] [client 197.46.68.248:63909] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Mon May 19 00:02:44.441842 2025] [core:error] [pid 26997:tid 140382163638016] [client 197.46.68.248:63941] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Mon May 19 00:02:51.383616 2025] [core:error] [pid 26904:tid 140382130067200] [client 197.46.68.248:63943] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Mon May 19 00:03:01.122563 2025] [core:error] [pid 26997:tid 140382180423424] [client 197.46.68.248:63941] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Mon May 19 00:03:05.420220 2025] [core:error] [pid 26997:tid 140382239172352] [client 197.46.68.248:63942] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Mon May 19 00:05:43.512027 2025] [core:error] [pid 26904:tid 140382239172352] [client 197.46.68.248:63975] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Mon May 19 00:09:33.411451 2025] [core:error] [pid 26904:tid 140382272743168] [client 197.46.68.248:64048] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Mon May 19 00:10:37.817186 2025] [core:error] [pid 26901:tid 140382163638016] [client 197.46.68.248:64058] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Mon May 19 05:06:41.194052 2025] [core:error] [pid 810:tid 140148415104768] [client 52.207.233.59:49842] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Mon May 19 05:06:49.890647 2025] [core:error] [pid 899:tid 140148373141248] [client 52.207.233.59:50008] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Mon May 19 05:06:49.991523 2025] [core:error] [pid 899:tid 140148457068288] [client 52.207.233.59:50008] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Fri May 23 23:39:54.457789 2025] [core:error] [pid 22978:tid 139929656993536] [client 156.204.119.220:49824] AH00037: Symbolic link not allowed or link target not accessible: /home/mysuits/kayan.mysuits.app/public/storage, referer: https://kayan.mysuits.app/ar [Sat May 24 00:23:00.408724 2025] [:error] [pid 22601:tid 139929682171648] [client 156.204.119.220:50089] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnKc4b-z3tcl22uNTVdAAAAQI"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:23:14.350808 2025] [:error] [pid 22601:tid 139929598244608] [client 156.204.119.220:50093] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnPc4b-z3tcl22uNTVfAAAAQw"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:23:23.276961 2025] [:error] [pid 22978:tid 139929539495680] [client 156.204.119.220:50090] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnMtCofnP9LHtkDGxPMQAAAFM"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:23:40.282196 2025] [:error] [pid 14861:tid 139929581459200] [client 156.204.119.220:50097] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnVEk-53f9h_NOhc7VBAAAAY4"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:23:53.941368 2025] [:error] [pid 22978:tid 139929623422720] [client 156.204.119.220:50094] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnUdCofnP9LHtkDGxPWgAAAEk"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:23:57.544772 2025] [:error] [pid 22978:tid 139929615030016] [client 156.204.119.220:50107] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnZdCofnP9LHtkDGxPawAAAEo"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:24:00.527711 2025] [:error] [pid 22601:tid 139929615030016] [client 156.204.119.220:50102] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnUs4b-z3tcl22uNTVgwAAAQo"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:24:03.813427 2025] [:error] [pid 14861:tid 139929606637312] [client 156.204.119.220:50104] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnWUk-53f9h_NOhc7VBgAAAYs"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:24:13.380989 2025] [:error] [pid 22978:tid 139929698957056] [client 156.204.119.220:50100] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnUdCofnP9LHtkDGxPXAAAAEA"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:24:13.441920 2025] [:error] [pid 22978:tid 139929656993536] [client 156.204.119.220:50103] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnUtCofnP9LHtkDGxPXQAAAEU"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:24:13.497315 2025] [:error] [pid 22978:tid 139929690564352] [client 156.204.119.220:50105] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnXdCofnP9LHtkDGxPZQAAAEE"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:24:21.416269 2025] [:error] [pid 22601:tid 139929522710272] [client 156.204.119.220:50096] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnPc4b-z3tcl22uNTVewAAARU"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:24:21.534051 2025] [:error] [pid 22599:tid 139929514317568] [client 156.204.119.220:50110] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnb0mP0-FeACqje7iS6AAAABY"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Sat May 24 00:24:21.908582 2025] [:error] [pid 22978:tid 139929640208128] [client 156.204.119.220:50108] [client 156.204.119.220] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDDnb9CofnP9LHtkDGxPdAAAAEc"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Mon May 26 14:33:13.962373 2025] [:error] [pid 7592:tid 140406457079552] [client 156.204.3.147:54548] [client 156.204.3.147] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDRRYrFzQTiKwd6H-8IGSQAAAIo"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Mon May 26 14:33:29.669360 2025] [:error] [pid 7590:tid 140406431901440] [client 156.204.3.147:54556] [client 156.204.3.147] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDRRf5oEzamRnXntWhp13gAAAA0"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Mon May 26 14:33:38.604945 2025] [:error] [pid 7590:tid 140406415116032] [client 156.204.3.147:54558] [client 156.204.3.147] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDRRf5oEzamRnXntWhp13wAAAA8"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Mon May 26 14:33:45.885874 2025] [:error] [pid 7590:tid 140406507435776] [client 156.204.3.147:54555] [client 156.204.3.147] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDRRfZoEzamRnXntWhp13QAAAAQ"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Mon May 26 14:33:57.845297 2025] [:error] [pid 7591:tid 140406473864960] [client 156.204.3.147:54559] [client 156.204.3.147] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDRRgAV1W0DQ5f6b9676CgAAAEg"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Mon May 26 14:34:21.173697 2025] [:error] [pid 7690:tid 140406482257664] [client 156.204.3.147:54560] [client 156.204.3.147] ModSecurity: Error reading request body: Partial results are valid but processing is incomplete [hostname "kayan.mysuits.app"] [uri "/admin/procuration"] [unique_id "aDRRgJOLQxBoOgUdIZMoBQAAAMc"], referer: https://kayan.mysuits.app/admin/contact-contacts/5/procurations [Wed Jun 11 13:33:12.697686 2025] [:error] [pid 2011:tid 140275225646848] [client 20.171.207.228:36152] [client 20.171.207.228] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/sherifmohie@gmail.com"] [unique_id "aElbaIxVyzsN17NauKPsswAAARI"] [Wed Jun 11 13:34:01.082175 2025] [:error] [pid 2044:tid 140275351537408] [client 20.171.207.228:46626] [client 20.171.207.228] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/ar/sherifmohie@gmail.com"] [unique_id "aElbmSZ7O__7KQDt0heDAQAAAEM"] [Wed Jun 11 13:34:03.777165 2025] [:error] [pid 2011:tid 140275259217664] [client 20.171.207.228:55684] [client 20.171.207.228] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/en/sherifmohie@gmail.com"] [unique_id "aElbm4xVyzsN17NauKPs9AAAAQ4"] [Wed Jun 11 13:35:50.933202 2025] [:error] [pid 2011:tid 140275292788480] [client 20.171.207.228:57746] [client 20.171.207.228] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/ar/about-us/sherifmohie@gmail.com"] [unique_id "aElcBoxVyzsN17NauKPtTwAAAQo"] [Wed Jun 11 13:37:00.349489 2025] [:error] [pid 1898:tid 140275250824960] [client 20.171.207.228:47654] [client 20.171.207.228] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/en/about-us/sherifmohie@gmail.com"] [unique_id "aElcTHCK6tAuhuqZpYC7_AAAAI8"] [Wed Jun 11 13:37:10.267738 2025] [:error] [pid 2044:tid 140275317966592] [client 20.171.207.228:53778] [client 20.171.207.228] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/ar/service/sherifmohie@gmail.com"] [unique_id "aElcViZ7O__7KQDt0heDhAAAAEc"] [Wed Jun 11 13:37:30.464743 2025] [:error] [pid 2011:tid 140275368322816] [client 20.171.207.228:60440] [client 20.171.207.228] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/en/service/sherifmohie@gmail.com"] [unique_id "aElcaoxVyzsN17NauKPtiwAAAQE"] [Thu Jul 17 07:23:53.782410 2025] [:error] [pid 18234:tid 140094634931968] [client 20.171.207.99:46114] [client 20.171.207.99] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/ar/service/sherifmohie@gmail.com"] [unique_id "aHh62TdDeufXoZC3UiBvbAAAAMI"] [Sat Aug 02 06:36:40.081444 2025] [:error] [pid 29714:tid 140178253403904] [client 20.171.207.36:46758] [client 20.171.207.36] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/sherifmohie@gmail.com"] [unique_id "aI2HyBX5eeRSzK9lU9D_1wAAAMU"] [Sat Aug 02 06:37:10.006656 2025] [:error] [pid 29608:tid 140178161084160] [client 20.171.207.36:39578] [client 20.171.207.36] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/ar/sherifmohie@gmail.com"] [unique_id "aI2H5hEk3PcnOZLTObgbaAAAAJA"] [Sat Aug 02 06:37:29.456163 2025] [:error] [pid 29714:tid 140178203047680] [client 20.171.207.36:58346] [client 20.171.207.36] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/en/sherifmohie@gmail.com"] [unique_id "aI2H-RX5eeRSzK9lU9D_9gAAAMs"] [Sat Aug 02 06:37:42.877002 2025] [:error] [pid 29714:tid 140178219833088] [client 20.171.207.36:43890] [client 20.171.207.36] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/ar/service/sherifmohie@gmail.com"] [unique_id "aI2IBhX5eeRSzK9lU9D__gAAAMk"] [Sat Aug 02 06:38:07.868227 2025] [:error] [pid 29714:tid 140178203047680] [client 20.171.207.36:35188] [client 20.171.207.36] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/en/service/sherifmohie@gmail.com"] [unique_id "aI2IHxX5eeRSzK9lU9AACgAAAMs"] [Tue Aug 05 06:38:38.788717 2025] [:error] [pid 10610:tid 140113216489216] [client 159.89.190.6:48386] [client 159.89.190.6] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/sherifmohie@gmail.com"] [unique_id "aJF8vqcW4YPomGUlP5Zy_wAAAM0"] [Wed Aug 13 05:16:18.045717 2025] [:error] [pid 12050:tid 12107] [client 20.171.207.205:57656] [client 20.171.207.205] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/ar/service/sherifmohie@gmail.com"] [unique_id "aJv1ciAxZkgf_UWlleYbvgAAAIo"] [Sat Aug 30 17:39:54.364211 2025] [:error] [pid 1139:tid 1144] [client 44.202.158.116:48214] Could not write to logfile: [Sat Aug 30 17:39:54.364256 2025] [:error] [pid 1139:tid 1144] [client 44.202.158.116:48214] Printing message to stderr: [Sat Aug 30 17:39:54.364341 2025] [:error] [pid 1139:tid 1144] [client 44.202.158.116:48214] [Sat Aug 30 17:39:54 2025] [info] Executing "/home/mysuits/kayan.mysuits.app/public/index.php" as UID 1001, GID 1001 [Sat Aug 30 17:39:54.364345 2025] [:error] [pid 1139:tid 1144] [client 44.202.158.116:48214] [Sat Aug 30 17:39:55.313388 2025] [:error] [pid 1139:tid 1153] [client 44.202.158.116:48214] Could not write to logfile: [Sat Aug 30 17:39:55.313449 2025] [:error] [pid 1139:tid 1153] [client 44.202.158.116:48214] Printing message to stderr: [Sat Aug 30 17:39:55.313536 2025] [:error] [pid 1139:tid 1153] [client 44.202.158.116:48214] [Sat Aug 30 17:39:55 2025] [info] Executing "/home/mysuits/kayan.mysuits.app/public/index.php" as UID 1001, GID 1001 [Sat Aug 30 17:39:55.313540 2025] [:error] [pid 1139:tid 1153] [client 44.202.158.116:48214] [Sat Aug 30 19:40:39.088363 2025] [:error] [pid 985:tid 1060] [client 38.114.123.26:49738] Could not write to logfile: [Sat Aug 30 19:40:39.088406 2025] [:error] [pid 985:tid 1060] [client 38.114.123.26:49738] Printing message to stderr: [Sat Aug 30 19:40:39.088491 2025] [:error] [pid 985:tid 1060] [client 38.114.123.26:49738] [Sat Aug 30 19:40:39 2025] [info] Executing "/home/mysuits/kayan.mysuits.app/public/index.php" as UID 1001, GID 1001 [Sat Aug 30 19:40:39.088496 2025] [:error] [pid 985:tid 1060] [client 38.114.123.26:49738] [Tue Sep 09 18:25:35.835755 2025] [:error] [pid 4825:tid 4839] [client 20.171.207.143:43568] [client 20.171.207.143] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/sherifmohie@gmail.com"] [unique_id "aMBG7x5Ag_CXCAtVFR7fQQAAAMw"] [Tue Sep 09 18:25:52.290736 2025] [:error] [pid 4825:tid 4844] [client 20.171.207.143:43568] [client 20.171.207.143] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/ar/sherifmohie@gmail.com"] [unique_id "aMBHAB5Ag_CXCAtVFR7fkgAAANE"] [Tue Sep 09 18:26:53.491151 2025] [:error] [pid 4825:tid 4834] [client 20.171.207.143:59388] [client 20.171.207.143] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/en/sherifmohie@gmail.com"] [unique_id "aMBHPR5Ag_CXCAtVFR7gHAAAAMc"] [Tue Sep 09 18:28:00.304771 2025] [:error] [pid 20428:tid 20444] [client 20.171.207.143:32786] [client 20.171.207.143] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/ar/service/sherifmohie@gmail.com"] [unique_id "aMBHgIb77xzXU_dcdk-zGgAAAQw"] [Tue Sep 09 18:28:07.996162 2025] [:error] [pid 20428:tid 20445] [client 20.171.207.143:39358] [client 20.171.207.143] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/en/service/sherifmohie@gmail.com"] [unique_id "aMBHh4b77xzXU_dcdk-zJAAAAQ0"] [Tue Sep 09 18:28:12.603968 2025] [core:error] [pid 20428:tid 20440] [client 20.171.207.143:39358] AH10244: invalid URI path (/themes/primary/js/%url%) [Thu Sep 11 00:55:36.465474 2025] [authz_core:error] [pid 31905:tid 31927] [client 164.90.228.79:35042] AH01630: client denied by server configuration: /home/mysuits/kayan.mysuits.app/public/server-status [Fri Sep 12 01:05:42.849788 2025] [authz_core:error] [pid 11749:tid 11803] [client 206.189.2.13:41752] AH01630: client denied by server configuration: /home/mysuits/kayan.mysuits.app/public/server-status [Fri Sep 12 01:05:47.872893 2025] [authz_core:error] [pid 15487:tid 15539] [client 159.89.12.166:32884] AH01630: client denied by server configuration: /home/mysuits/kayan.mysuits.app/public/server-status [Thu Oct 09 12:13:11.329631 2025] [:error] [pid 4320:tid 4346] [client 20.27.26.223:30674] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Mon Oct 13 13:02:39.402948 2025] [:error] [pid 13241:tid 13253] [client 52.169.206.229:12575] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Thu Oct 16 21:00:43.909113 2025] [:error] [pid 16811:tid 16871] [client 4.217.248.143:59799] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Fri Oct 24 22:03:42.485562 2025] [:error] [pid 26775:tid 26779] [client 172.190.142.176:45274] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Mon Oct 27 11:39:59.767983 2025] [:error] [pid 14639:tid 14757] [client 4.218.11.42:39575] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/admin.php [Mon Oct 27 11:40:19.312812 2025] [:error] [pid 18310:tid 18357] [client 4.218.11.42:39576] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Mon Oct 27 20:10:39.389376 2025] [:error] [pid 14638:tid 14731] [client 74.176.186.150:27626] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Sat Nov 01 10:15:37.314559 2025] [:error] [pid 670:tid 706] [client 74.7.227.120:41660] [client 74.7.227.120] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/sherifmohie@gmail.com"] [unique_id "aQXBqYWHFN08OpDTbkxYQAAAANc"] [Sat Nov 01 10:17:01.110812 2025] [:error] [pid 670:tid 691] [client 74.7.227.120:35890] [client 74.7.227.120] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/ar/sherifmohie@gmail.com"] [unique_id "aQXB_YWHFN08OpDTbkxYnwAAAMs"] [Sat Nov 01 10:22:07.596663 2025] [:error] [pid 670:tid 699] [client 74.7.227.120:50374] [client 74.7.227.120] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/ar/service/sherifmohie@gmail.com"] [unique_id "aQXDL4WHFN08OpDTbkxaVgAAANM"] [Sat Nov 01 10:22:27.509044 2025] [:error] [pid 350:tid 398] [client 74.7.227.120:57630] [client 74.7.227.120] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/en/service/sherifmohie@gmail.com"] [unique_id "aQXDQyhJ8wy1c6wbFdcZcwAAAA0"] [Sat Nov 01 10:22:50.210215 2025] [core:error] [pid 670:tid 702] [client 74.7.227.120:44054] AH10244: invalid URI path (/themes/primary/js/%url%) [Sat Nov 01 10:28:12.212224 2025] [:error] [pid 352:tid 476] [client 74.7.227.120:58806] [client 74.7.227.120] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".com"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "kayan.mysuits.app"] [uri "/en/sherifmohie@gmail.com"] [unique_id "aQXEnJl10LNPzPVL9fwUCQAAAJU"] [Sun Nov 02 12:52:57.070688 2025] [:error] [pid 29504:tid 29570] [client 4.217.190.253:40827] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/dropdown.php [Mon Nov 03 01:01:21.047413 2025] [core:error] [pid 29628:tid 29654] [client 45.131.155.100:50678] Script timed out before returning headers: index.php [Wed Nov 05 12:12:43.891856 2025] [:error] [pid 18975:tid 18996] [client 40.113.19.56:14427] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/mariju.php [Wed Nov 05 12:12:44.623422 2025] [:error] [pid 18975:tid 18998] [client 40.113.19.56:14427] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Sat Nov 08 18:56:38.781345 2025] [:error] [pid 26730:tid 26790] [client 172.99.188.165:43278] [client 172.99.188.165] ModSecurity: Access denied with code 403 (phase 2). Found 30 byte(s) in ARGS:_path outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "kayan.mysuits.app"] [uri "/_fragment"] [unique_id "aQ92RlBDbV7Y3K386GdUhAAAAME"] [Sat Nov 08 21:58:43.399740 2025] [:error] [pid 26899:tid 26937] [client 20.37.96.143:57402] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Sun Nov 09 00:54:11.846293 2025] [authz_core:error] [pid 26899:tid 26944] [client 46.101.1.225:54836] AH01630: client denied by server configuration: /home/mysuits/kayan.mysuits.app/public/server-status [Sun Nov 09 00:54:11.846325 2025] [authz_core:error] [pid 26898:tid 26908] [client 46.101.1.225:56946] AH01630: client denied by server configuration: /home/mysuits/kayan.mysuits.app/public/server-status [Tue Nov 11 13:29:46.922822 2025] [:error] [pid 15270:tid 15334] [client 23.166.88.142:35064] [client 23.166.88.142] ModSecurity: Access denied with code 403 (phase 2). Found 30 byte(s) in ARGS:_path outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "kayan.mysuits.app"] [uri "/_fragment"] [unique_id "aRMeKtRa2-v3c_yUjWdxwgAAAII"] [Thu Nov 13 19:17:18.136440 2025] [:error] [pid 10376:tid 10434] [client 172.207.123.72:16098] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Sun Nov 30 05:21:13.770364 2025] [:error] [pid 21497:tid 21541] [client 4.205.153.121:8174] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Fri Dec 05 05:41:28.394514 2025] [:error] [pid 637:tid 764] [client 4.189.253.242:7691] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Sun Dec 07 14:30:21.978762 2025] [:error] [pid 31772:tid 31863] [client 89.46.223.134:44980] [client 89.46.223.134] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^0?$" against "REQUEST_HEADERS:Content-Length" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "280"] [id "960011"] [rev "1"] [msg "GET or HEAD Request with Body Content."] [data "41"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "kayan.mysuits.app"] [uri "/index.php"] [unique_id "aTVzXX7_olNdy4Qw9bbNxQAAANI"] [Sun Dec 07 14:30:25.405860 2025] [:error] [pid 31938:tid 31950] [client 89.46.223.134:44992] [client 89.46.223.134] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^0?$" against "REQUEST_HEADERS:Content-Length" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "280"] [id "960011"] [rev "1"] [msg "GET or HEAD Request with Body Content."] [data "41"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "kayan.mysuits.app"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aTVzYc6je1UPtkLVO5rfSwAAAQo"] [Sun Dec 07 14:30:27.344829 2025] [:error] [pid 31772:tid 31862] [client 89.46.223.134:44994] [client 89.46.223.134] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^0?$" against "REQUEST_HEADERS:Content-Length" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "280"] [id "960011"] [rev "1"] [msg "GET or HEAD Request with Body Content."] [data "41"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "kayan.mysuits.app"] [uri "/php/php-cgi.exe"] [unique_id "aTVzY37_olNdy4Qw9bbNxwAAANE"] [Sun Dec 07 14:30:29.129631 2025] [:error] [pid 31772:tid 31864] [client 89.46.223.134:44996] [client 89.46.223.134] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^0?$" against "REQUEST_HEADERS:Content-Length" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "280"] [id "960011"] [rev "1"] [msg "GET or HEAD Request with Body Content."] [data "41"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "kayan.mysuits.app"] [uri "/cgi-bin/php-cgi.exe"] [unique_id "aTVzZX7_olNdy4Qw9bbNygAAANM"] [Sun Dec 07 14:30:32.562831 2025] [:error] [pid 31772:tid 31849] [client 89.46.223.134:53190] [client 89.46.223.134] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^0?$" against "REQUEST_HEADERS:Content-Length" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "280"] [id "960011"] [rev "1"] [msg "GET or HEAD Request with Body Content."] [data "41"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "kayan.mysuits.app"] [uri "/php-cgi.exe"] [unique_id "aTVzaH7_olNdy4Qw9bbNzgAAAMk"] [Sun Dec 07 14:30:34.566149 2025] [:error] [pid 31772:tid 31841] [client 89.46.223.134:53194] [client 89.46.223.134] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^0?$" against "REQUEST_HEADERS:Content-Length" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "280"] [id "960011"] [rev "1"] [msg "GET or HEAD Request with Body Content."] [data "41"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "kayan.mysuits.app"] [uri "/php.exe"] [unique_id "aTVzan7_olNdy4Qw9bbN0QAAAMU"] [Sun Dec 07 14:30:36.426102 2025] [:error] [pid 31771:tid 31848] [client 89.46.223.134:53200] [client 89.46.223.134] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^0?$" against "REQUEST_HEADERS:Content-Length" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "280"] [id "960011"] [rev "1"] [msg "GET or HEAD Request with Body Content."] [data "41"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "kayan.mysuits.app"] [uri "/php/php.exe"] [unique_id "aTVzbFmChp01vfrAzJQguwAAAJU"] [Sat Dec 13 09:22:47.992890 2025] [:error] [pid 587:tid 682] [client 54.147.50.165:48242] [client 54.147.50.165] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "kayan.mysuits.app"] [uri "/ar"] [unique_id "aT0UR6gU7I9tZh-BDY6yCQAAAJQ"] [Sat Dec 13 13:40:44.945586 2025] [:error] [pid 587:tid 681] [client 3.70.234.58:38816] [client 3.70.234.58] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "kayan.mysuits.app"] [uri "/ar"] [unique_id "aT1QvKgU7I9tZh-BDY4X1QAAAJM"] [Sat Dec 13 21:37:33.654869 2025] [:error] [pid 22739:tid 22751] [client 3.83.69.91:51428] [client 3.83.69.91] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "kayan.mysuits.app"] [uri "/ar"] [unique_id "aT3AfeVwBGF3zt5p5zUk8wAAAYY"] [Sat Dec 13 21:37:33.670340 2025] [:error] [pid 22654:tid 22699] [client 3.83.69.91:51430] [client 3.83.69.91] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "kayan.mysuits.app"] [uri "/ar"] [unique_id "aT3AfY4uf3Frg16TldlEMAAAAQY"] [Sun Dec 14 01:15:37.010975 2025] [:error] [pid 587:tid 682] [client 40.113.19.56:6516] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Sun Dec 14 01:15:56.459293 2025] [:error] [pid 587:tid 673] [client 40.113.19.56:9357] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/wp-login.php [Sun Dec 14 12:26:57.207206 2025] [:error] [pid 19439:tid 19520] [client 4.230.46.13:20788] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php