One Hat Cyber Team

View File Name : server-1.mysuits.app.error.log

[Thu May 15 02:15:57.366928 2025] [authz_core:error] [pid 24592:tid 140535037662976] [client 165.227.173.41:60034] AH01630: client denied by server configuration: /home/mysuits1/public_html/server-status
[Thu May 15 02:15:57.690525 2025] [authz_core:error] [pid 24594:tid 140535220131584] [client 64.225.75.246:51042] AH01630: client denied by server configuration: /home/mysuits1/public_html/server-status
[Thu May 15 02:15:57.752088 2025] [:error] [pid 24594:tid 140535203346176] [client 165.227.173.41:60112] File does not exist: /home/mysuits1/public_html/info.php
[Thu May 15 02:15:58.070619 2025] [:error] [pid 24592:tid 140535194953472] [client 64.225.75.246:51106] File does not exist: /home/mysuits1/public_html/info.php
[Thu May 15 02:16:01.340205 2025] [authz_core:error] [pid 24838:tid 140535186560768] [client 167.71.81.114:54780] AH01630: client denied by server configuration: /home/mysuits1/public_html/server-status
[Thu May 15 02:16:02.842305 2025] [authz_core:error] [pid 24838:tid 140535020877568] [client 146.190.103.103:58898] AH01630: client denied by server configuration: /home/mysuits1/public_html/server-status
[Thu May 15 02:16:03.388410 2025] [:error] [pid 24838:tid 140534970521344] [client 167.71.81.114:54846] File does not exist: /home/mysuits1/public_html/info.php
[Thu May 15 02:16:07.316133 2025] [:error] [pid 24591:tid 140534995699456] [client 146.190.103.103:58984] File does not exist: /home/mysuits1/public_html/info.php
[Tue May 20 12:29:56.946184 2025] [:error] [pid 13370:tid 140037786158848] [client 170.39.217.108:37200] File does not exist: /home/mysuits1/public_html/_phpinfo.php
[Tue May 20 12:30:19.826237 2025] [:error] [pid 18937:tid 140037668660992] [client 170.39.217.108:32914] File does not exist: /home/mysuits1/public_html/app_dev.php
[Tue May 20 12:30:20.241584 2025] [:error] [pid 18937:tid 140037899290368] [client 170.39.217.108:32914] [client 170.39.217.108] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".backup"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/env.backup"] [unique_id "aCxLrOXAPKzn8NzfrwONGgAAAUI"]
[Tue May 20 12:30:20.442012 2025] [:error] [pid 18937:tid 140037811336960] [client 170.39.217.108:32914] File does not exist: /home/mysuits1/public_html/info.php
[Tue May 20 12:30:33.886078 2025] [:error] [pid 18938:tid 140037802944256] [client 170.39.217.108:42574] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Tue May 20 12:30:44.633675 2025] [:error] [pid 18938:tid 140037710624512] [client 170.39.217.108:62450] File does not exist: /home/mysuits1/public_html/server-info.php
[Tue May 20 12:30:44.736971 2025] [:error] [pid 18938:tid 140037769373440] [client 170.39.217.108:62450] File does not exist: /home/mysuits1/public_html/server_info.php
[Tue May 20 12:30:44.793600 2025] [:error] [pid 18938:tid 140037916075776] [client 170.39.217.108:62450] [client 170.39.217.108] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/storage/logs/laravel.log"] [unique_id "aCxLxGMQadSkV9F-GJO2tAAAAYA"]
[Tue May 20 12:30:44.814318 2025] [:error] [pid 18938:tid 140037752588032] [client 170.39.217.108:62450] File does not exist: /home/mysuits1/public_html/test.php
[Tue May 20 12:30:44.851780 2025] [:error] [pid 18938:tid 140037685446400] [client 170.39.217.108:62450] File does not exist: /home/mysuits1/public_html/wp-config.php.bak
[Tue May 20 12:31:08.884256 2025] [:error] [pid 13372:tid 140037710624512] [client 170.39.217.108:23080] File does not exist: /home/mysuits1/public_html/.env.php
[Tue May 20 12:31:16.022002 2025] [:error] [pid 18938:tid 140037752588032] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/php.php
[Tue May 20 12:31:16.172484 2025] [:error] [pid 18938:tid 140037760980736] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/phptest.php
[Tue May 20 12:31:16.821546 2025] [:error] [pid 18938:tid 140037685446400] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/infophp.php
[Tue May 20 12:31:16.961816 2025] [:error] [pid 18938:tid 140037702231808] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/pinfo.php
[Tue May 20 12:31:17.100256 2025] [:error] [pid 18938:tid 140037651875584] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/information.php
[Tue May 20 12:31:17.112683 2025] [:error] [pid 18938:tid 140037744195328] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/php-info.php
[Tue May 20 12:31:17.121147 2025] [:error] [pid 18938:tid 140037811336960] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/phpversion.php
[Tue May 20 12:31:17.187338 2025] [:error] [pid 18938:tid 140037899290368] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/testphpinfo.php
[Tue May 20 12:31:17.195753 2025] [:error] [pid 18938:tid 140037786158848] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/admin.php
[Tue May 20 12:31:17.201875 2025] [:error] [pid 18938:tid 140037677053696] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/PHPConf.php
[Tue May 20 12:31:17.239229 2025] [:error] [pid 18938:tid 140037777766144] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/viewinfo.php
[Tue May 20 12:31:17.303622 2025] [:error] [pid 18938:tid 140037802944256] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/phpinfo.php3
[Tue May 20 12:31:17.334795 2025] [:error] [pid 18938:tid 140037651875584] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/inf.php
[Tue May 20 12:31:17.361884 2025] [:error] [pid 18938:tid 140037794551552] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/test.php
[Tue May 20 12:31:17.368179 2025] [:error] [pid 18938:tid 140037660268288] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/info1.php
[Tue May 20 12:31:17.405792 2025] [:error] [pid 18938:tid 140037777766144] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/.env.php
[Tue May 20 12:31:17.443426 2025] [:error] [pid 18938:tid 140037668660992] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/wp-config.php.2
[Tue May 20 12:31:17.451827 2025] [:error] [pid 18938:tid 140037685446400] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/wp-config.php.8
[Tue May 20 12:31:17.458135 2025] [:error] [pid 18938:tid 140037702231808] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/i.php
[Tue May 20 12:31:17.535167 2025] [:error] [pid 18938:tid 140037660268288] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/p.php
[Tue May 20 12:31:17.609959 2025] [:error] [pid 18938:tid 140037735802624] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/test4.php
[Tue May 20 12:31:17.674228 2025] [:error] [pid 18938:tid 140037760980736] [client 170.39.217.108:21682] File does not exist: /home/mysuits1/public_html/phpinfo3.php
[Tue May 20 12:31:17.940776 2025] [:error] [pid 18938:tid 140037719017216] [client 170.39.217.108:21682] [client 170.39.217.108] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".backup"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/wp-config.backup"] [unique_id "aCxL5WMQadSkV9F-GJO3PQAAAY8"]
[Tue May 20 12:31:29.092700 2025] [:error] [pid 18882:tid 140037786158848] [client 170.39.217.108:14402] File does not exist: /home/mysuits1/public_html/linusadmin-phpinfo.php
[Tue May 20 12:31:30.507449 2025] [:error] [pid 18882:tid 140037693839104] [client 170.39.217.108:14402] File does not exist: /home/mysuits1/public_html/info2.php
[Tue May 20 12:31:41.246205 2025] [:error] [pid 13371:tid 140037907683072] [client 170.39.217.108:49050] File does not exist: /home/mysuits1/public_html/index.php
[Wed May 21 01:51:07.901009 2025] [:error] [pid 18937:tid 140037668660992] [client 170.39.217.210:65506] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Wed May 21 01:51:07.921569 2025] [:error] [pid 18937:tid 140037890897664] [client 170.39.217.210:65506] File does not exist: /home/mysuits1/public_html/info.php
[Wed May 21 09:17:22.571167 2025] [:error] [pid 20303:tid 140535482246912] [client 170.39.217.210:20716] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Wed May 21 09:17:22.583659 2025] [:error] [pid 20303:tid 140535465461504] [client 170.39.217.210:20716] File does not exist: /home/mysuits1/public_html/info.php
[Wed May 28 01:01:55.323608 2025] [:error] [pid 2219:tid 140629032036096] [client 47.128.14.207:55180] File does not exist: /home/mysuits1/public_html/xmlrpc.php
[Wed May 28 08:32:49.839851 2025] [:error] [pid 13175:tid 140613616035584] [client 185.177.72.144:50290] File does not exist: /home/mysuits1/public_html/_phpinfo.php
[Wed May 28 08:32:50.035783 2025] [:error] [pid 13175:tid 140613454354176] [client 185.177.72.144:50290] File does not exist: /home/mysuits1/public_html/app_dev.php
[Wed May 28 08:32:59.412998 2025] [:error] [pid 13174:tid 140613378819840] [client 185.177.72.144:48718] [client 185.177.72.144] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".backup"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/env.backup"] [unique_id "aDagCzBlR13Yymroh3J8tQAAAFY"]
[Wed May 28 08:33:09.823753 2025] [:error] [pid 13266:tid 140613632820992] [client 185.177.72.144:37046] File does not exist: /home/mysuits1/public_html/info.php
[Wed May 28 08:33:10.252067 2025] [:error] [pid 13266:tid 140613487924992] [client 185.177.72.144:37046] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Wed May 28 08:33:10.320832 2025] [:error] [pid 13266:tid 140613471139584] [client 185.177.72.144:37046] File does not exist: /home/mysuits1/public_html/server-info.php
[Wed May 28 08:33:10.351950 2025] [:error] [pid 13266:tid 140613632820992] [client 185.177.72.144:37046] File does not exist: /home/mysuits1/public_html/server_info.php
[Wed May 28 08:33:10.439098 2025] [:error] [pid 13266:tid 140613616035584] [client 185.177.72.144:37046] [client 185.177.72.144] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/storage/logs/laravel.log"] [unique_id "aDagFmkpEkmnbei-UlldjAAAAMI"]
[Wed May 28 08:33:10.509412 2025] [:error] [pid 13266:tid 140613403997952] [client 185.177.72.144:37046] File does not exist: /home/mysuits1/public_html/test.php
[Wed May 28 08:33:10.546852 2025] [:error] [pid 13266:tid 140613362034432] [client 185.177.72.144:37046] File does not exist: /home/mysuits1/public_html/wp-config.php.bak
[Wed May 28 13:03:05.520907 2025] [:error] [pid 13175:tid 140613445961472] [client 185.177.72.144:23688] File does not exist: /home/mysuits1/public_html/_phpinfo.php
[Wed May 28 13:03:08.966286 2025] [:error] [pid 13175:tid 140613471139584] [client 185.177.72.144:23688] File does not exist: /home/mysuits1/public_html/app_dev.php
[Wed May 28 13:03:15.110071 2025] [:error] [pid 13266:tid 140613403997952] [client 185.177.72.144:58114] [client 185.177.72.144] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".backup"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/env.backup"] [unique_id "aDbfY2kpEkmnbei-Ull1lgAAANM"]
[Wed May 28 13:03:15.426297 2025] [:error] [pid 13266:tid 140613538281216] [client 185.177.72.144:58114] File does not exist: /home/mysuits1/public_html/info.php
[Wed May 28 13:03:27.396994 2025] [:error] [pid 13266:tid 140613479532288] [client 185.177.72.144:58114] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Wed May 28 13:03:27.459162 2025] [:error] [pid 13266:tid 140613487924992] [client 185.177.72.144:58114] File does not exist: /home/mysuits1/public_html/server-info.php
[Wed May 28 13:03:27.484074 2025] [:error] [pid 13266:tid 140613504710400] [client 185.177.72.144:58114] File does not exist: /home/mysuits1/public_html/server_info.php
[Wed May 28 13:03:27.552785 2025] [:error] [pid 13266:tid 140613437568768] [client 185.177.72.144:58114] [client 185.177.72.144] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/storage/logs/laravel.log"] [unique_id "aDbfb2kpEkmnbei-Ull12QAAAM8"]
[Wed May 28 13:03:27.583881 2025] [:error] [pid 13266:tid 140613616035584] [client 185.177.72.144:58114] File does not exist: /home/mysuits1/public_html/test.php
[Wed May 28 13:03:27.629505 2025] [:error] [pid 13266:tid 140613471139584] [client 185.177.72.144:58114] File does not exist: /home/mysuits1/public_html/wp-config.php.bak
[Wed May 28 20:17:43.484069 2025] [:error] [pid 13266:tid 140613616035584] [client 185.177.72.144:17762] File does not exist: /home/mysuits1/public_html/_phpinfo.php
[Wed May 28 20:18:12.267072 2025] [:error] [pid 2765:tid 140613420783360] [client 185.177.72.144:54210] File does not exist: /home/mysuits1/public_html/app_dev.php
[Wed May 28 20:18:36.725935 2025] [:error] [pid 2765:tid 140613395605248] [client 185.177.72.144:41982] [client 185.177.72.144] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".backup"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/env.backup"] [unique_id "aDdFbAEBx50S9at8q5F1HQAAARQ"]
[Wed May 28 20:18:37.227713 2025] [:error] [pid 2765:tid 140613632820992] [client 185.177.72.144:41982] File does not exist: /home/mysuits1/public_html/info.php
[Wed May 28 20:18:37.526404 2025] [:error] [pid 2765:tid 140613454354176] [client 185.177.72.144:41982] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Wed May 28 20:18:37.835996 2025] [:error] [pid 2765:tid 140613462746880] [client 185.177.72.144:41982] File does not exist: /home/mysuits1/public_html/server-info.php
[Wed May 28 20:18:49.174098 2025] [:error] [pid 13173:tid 140613445961472] [client 185.177.72.144:55264] File does not exist: /home/mysuits1/public_html/server_info.php
[Wed May 28 20:18:53.709192 2025] [:error] [pid 13173:tid 140613462746880] [client 185.177.72.144:55264] [client 185.177.72.144] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/storage/logs/laravel.log"] [unique_id "aDdFfQuTbHTxPcmZx_GlngAAAAw"]
[Wed May 28 20:18:53.727953 2025] [:error] [pid 13173:tid 140613479532288] [client 185.177.72.144:55264] File does not exist: /home/mysuits1/public_html/test.php
[Wed May 28 20:18:53.765427 2025] [:error] [pid 13173:tid 140613395605248] [client 185.177.72.144:55264] File does not exist: /home/mysuits1/public_html/wp-config.php.bak
[Thu May 29 00:32:41.839520 2025] [:error] [pid 13174:tid 140613395605248] [client 185.177.72.144:43912] File does not exist: /home/mysuits1/public_html/_phpinfo.php
[Thu May 29 00:32:53.531725 2025] [:error] [pid 2765:tid 140613504710400] [client 185.177.72.144:39708] [client 185.177.72.144] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".backup"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/env.backup"] [unique_id "aDeBBQEBx50S9at8q5F_9QAAAQc"]
[Thu May 29 00:32:58.174970 2025] [:error] [pid 2765:tid 140613538281216] [client 185.177.72.144:39708] File does not exist: /home/mysuits1/public_html/info.php
[Thu May 29 00:32:58.429036 2025] [:error] [pid 2765:tid 140613370427136] [client 185.177.72.144:39708] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Thu May 29 00:32:58.491933 2025] [:error] [pid 2765:tid 140613429176064] [client 185.177.72.144:39708] File does not exist: /home/mysuits1/public_html/server-info.php
[Thu May 29 00:32:58.593465 2025] [:error] [pid 3548:tid 140613529888512] [client 185.177.72.144:30144] File does not exist: /home/mysuits1/public_html/server_info.php
[Thu May 29 00:32:58.717260 2025] [:error] [pid 3548:tid 140613454354176] [client 185.177.72.144:30144] [client 185.177.72.144] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/storage/logs/laravel.log"] [unique_id "aDeBCvEMvfH2ccjj79fw5AAAAU0"]
[Thu May 29 00:32:58.750447 2025] [:error] [pid 3548:tid 140613429176064] [client 185.177.72.144:30144] File does not exist: /home/mysuits1/public_html/test.php
[Thu May 29 00:32:58.977717 2025] [:error] [pid 3548:tid 140613370427136] [client 185.177.72.144:30144] File does not exist: /home/mysuits1/public_html/wp-config.php.bak
[Fri May 30 10:13:34.280347 2025] [:error] [pid 2863:tid 140678947858176] [client 34.174.120.158:56362] File does not exist: /home/mysuits1/public_html/xmlrpc.php
[Sun Jun 01 23:16:44.737141 2025] [:error] [pid 12358:tid 140151678260992] [client 185.177.72.210:59338] File does not exist: /home/mysuits1/public_html/app_dev.php
[Sun Jun 01 23:16:45.102485 2025] [:error] [pid 12358:tid 140151745402624] [client 185.177.72.210:59338] [client 185.177.72.210] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".backup"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/env.backup"] [unique_id "aDy1LbNwIi0VS_bd8kkumQAAAMY"]
[Sun Jun 01 23:16:45.144529 2025] [:error] [pid 12358:tid 140151678260992] [client 185.177.72.210:59338] File does not exist: /home/mysuits1/public_html/i.php
[Sun Jun 01 23:16:45.171407 2025] [:error] [pid 12358:tid 140151762188032] [client 185.177.72.210:59338] File does not exist: /home/mysuits1/public_html/info.php
[Sun Jun 01 23:16:45.590598 2025] [:error] [pid 12269:tid 140151762188032] [client 185.177.72.210:59340] File does not exist: /home/mysuits1/public_html/p.php
[Sun Jun 01 23:16:45.605012 2025] [:error] [pid 12269:tid 140151745402624] [client 185.177.72.210:59340] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Sun Jun 01 23:16:45.674097 2025] [:error] [pid 12269:tid 140151653082880] [client 185.177.72.210:59340] File does not exist: /home/mysuits1/public_html/server-info.php
[Sun Jun 01 23:16:45.738498 2025] [:error] [pid 12269:tid 140151711831808] [client 185.177.72.210:59340] [client 185.177.72.210] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/storage/logs/laravel.log"] [unique_id "aDy1LQ39MxcusyE7XRYUfQAAAIo"]
[Sun Jun 01 23:16:45.757484 2025] [:error] [pid 12269:tid 140151762188032] [client 185.177.72.210:59340] File does not exist: /home/mysuits1/public_html/test.php
[Sun Jun 01 23:16:45.763800 2025] [:error] [pid 12269:tid 140151728617216] [client 185.177.72.210:59340] File does not exist: /home/mysuits1/public_html/test_phpinfo.php
[Sun Jun 01 23:16:45.807860 2025] [:error] [pid 12269:tid 140151703439104] [client 185.177.72.210:59340] File does not exist: /home/mysuits1/public_html/wp-config.php.bak
[Sun Jun 01 23:16:45.926694 2025] [:error] [pid 12269:tid 140151745402624] [client 185.177.72.210:59340] File does not exist: /home/mysuits1/public_html/_phpinfo.php
[Mon Jun 09 17:05:02.653901 2025] [:error] [pid 8666:tid 139986448480000] [client 185.177.72.106:54942] File does not exist: /home/mysuits1/public_html/i.php
[Mon Jun 09 17:05:02.660158 2025] [:error] [pid 8666:tid 139986271696640] [client 185.177.72.106:54942] File does not exist: /home/mysuits1/public_html/info.php
[Mon Jun 09 17:05:02.672646 2025] [:error] [pid 8666:tid 139986423301888] [client 185.177.72.106:54942] File does not exist: /home/mysuits1/public_html/p.php
[Mon Jun 09 17:05:02.685116 2025] [:error] [pid 8666:tid 139986204555008] [client 185.177.72.106:54942] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Wed Jun 11 05:27:13.279089 2025] [:error] [pid 27398:tid 140275250824960] [client 185.177.72.144:17446] File does not exist: /home/mysuits1/public_html/i.php
[Wed Jun 11 05:27:13.285335 2025] [:error] [pid 27398:tid 140275326359296] [client 185.177.72.144:17446] File does not exist: /home/mysuits1/public_html/info.php
[Wed Jun 11 05:27:13.297801 2025] [:error] [pid 27398:tid 140275368322816] [client 185.177.72.144:17446] File does not exist: /home/mysuits1/public_html/p.php
[Wed Jun 11 05:27:13.312525 2025] [:error] [pid 27398:tid 140275376715520] [client 185.177.72.144:17446] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Tue Jul 01 16:00:42.482695 2025] [:error] [pid 23680:tid 140081180382976] [client 146.70.194.254:54904] File does not exist: /home/mysuits1/public_html/xmlrpc.php
[Thu Jul 03 07:24:43.552487 2025] [:error] [pid 6943:tid 140103150192384] [client 18.236.71.43:58104] File does not exist: /home/mysuits1/public_html/xmlrpc.php
[Fri Jul 04 08:36:23.602919 2025] [:error] [pid 16759:tid 139636399650560] [client 152.42.246.219:57420] File does not exist: /home/mysuits1/public_html/xmlrpc.php
[Sat Jul 05 21:32:29.536264 2025] [:error] [pid 28519:tid 140072162649856] [client 146.70.194.254:59326] File does not exist: /home/mysuits1/public_html/xmlrpc.php
[Sat Jul 12 06:45:14.940606 2025] [:error] [pid 17487:tid 140319827928832] [client 45.148.10.249:40404] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Sat Jul 12 06:45:15.334622 2025] [:error] [pid 17589:tid 140319777572608] [client 45.148.10.249:40446] File does not exist: /home/mysuits1/public_html/php_info.php
[Mon Jul 14 00:58:36.643770 2025] [:error] [pid 15364:tid 140707638728448] [client 34.132.209.132:44912] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".ini"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/s3cfg.ini"] [unique_id "aHQsDNyq1Klf51LqNkCWvAAAAIA"]
[Mon Jul 14 00:58:36.645191 2025] [:error] [pid 15364:tid 140707398338304] [client 34.132.209.132:44938] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".ini"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/s3cfg.ini"] [unique_id "aHQsDNyq1Klf51LqNkCWvQAAAJQ"]
[Mon Jul 14 00:58:36.648607 2025] [:error] [pid 15364:tid 140707448694528] [client 34.132.209.132:44882] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".ini"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/.aws/credentials.ini"] [unique_id "aHQsDNyq1Klf51LqNkCWvwAAAI4"]
[Mon Jul 14 00:58:36.648705 2025] [:error] [pid 15363:tid 140707507443456] [client 34.132.209.132:44960] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".ini"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/.aws/credentials.ini"] [unique_id "aHQsDKP-ZFfCNTo9l-R1qQAAAEc"]
[Mon Jul 14 00:58:36.745040 2025] [:error] [pid 15362:tid 140707373160192] [client 34.132.209.132:45002] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".db"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/credentials.db"] [unique_id "aHQsDJdnPwq9cvxqGfcPoQAAABc"]
[Mon Jul 14 00:58:36.748370 2025] [:error] [pid 15364:tid 140707406731008] [client 34.132.209.132:44912] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".cfg"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/s3cfg.cfg"] [unique_id "aHQsDNyq1Klf51LqNkCWwgAAAJM"]
[Mon Jul 14 00:58:36.750011 2025] [:error] [pid 15364:tid 140707373160192] [client 34.132.209.132:44938] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".cfg"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/s3cfg.cfg"] [unique_id "aHQsDNyq1Klf51LqNkCWwwAAAJc"]
[Mon Jul 14 00:58:36.751475 2025] [:error] [pid 15450:tid 140707532621568] [client 34.132.209.132:44850] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".db"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/credentials.db"] [unique_id "aHQsDKoyKJ0w0qjuiiRmWwAAAMQ"]
[Mon Jul 14 00:58:36.754752 2025] [:error] [pid 15363:tid 140707557799680] [client 34.132.209.132:44960] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".ini"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/.aws/config.ini"] [unique_id "aHQsDKP-ZFfCNTo9l-R1qwAAAEE"]
[Mon Jul 14 00:58:36.754868 2025] [:error] [pid 15364:tid 140707541014272] [client 34.132.209.132:44882] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".ini"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/.aws/config.ini"] [unique_id "aHQsDNyq1Klf51LqNkCWxQAAAIM"]
[Mon Jul 14 00:58:36.849647 2025] [:error] [pid 15362:tid 140707389945600] [client 34.132.209.132:45002] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".db"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/.config/gcloud/credentials.db"] [unique_id "aHQsDJdnPwq9cvxqGfcPowAAABU"]
[Mon Jul 14 00:58:36.856345 2025] [:error] [pid 15364:tid 140707507443456] [client 34.132.209.132:44912] [client 34.132.209.132] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".db"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/.config/gcloud/credentials.db"] [unique_id "aHQsDNyq1Klf51LqNkCWyAAAAIc"]
[Mon Jul 14 10:00:28.451953 2025] [:error] [pid 17099:tid 140038750828288] [client 54.86.45.0:55176] File does not exist: /home/mysuits1/public_html/xmlrpc.php
[Wed Jul 16 19:05:57.980142 2025] [:error] [pid 29625:tid 140121663813376] [client 98.81.206.25:62072] File does not exist: /home/mysuits1/public_html/xmlrpc.php
[Thu Jul 17 07:08:07.111913 2025] [:error] [pid 18146:tid 140094476363520] [client 54.152.184.102:58809] File does not exist: /home/mysuits1/public_html/xmlrpc.php
[Thu Jul 24 04:37:03.363010 2025] [authz_core:error] [pid 16286:tid 140005691303680] [client 209.97.180.8:36432] AH01630: client denied by server configuration: /home/mysuits1/public_html/server-status
[Thu Jul 24 04:37:03.401962 2025] [authz_core:error] [pid 18525:tid 140005766838016] [client 64.226.65.160:42404] AH01630: client denied by server configuration: /home/mysuits1/public_html/server-status
[Thu Jul 24 04:37:03.628129 2025] [authz_core:error] [pid 16195:tid 140005724874496] [client 206.81.24.227:54620] AH01630: client denied by server configuration: /home/mysuits1/public_html/server-status
[Thu Jul 24 04:37:03.757718 2025] [:error] [pid 16286:tid 140005674518272] [client 209.97.180.8:36528] File does not exist: /home/mysuits1/public_html/info.php
[Thu Jul 24 04:37:04.085321 2025] [:error] [pid 16286:tid 140005615769344] [client 64.226.65.160:42470] File does not exist: /home/mysuits1/public_html/info.php
[Thu Jul 24 04:37:04.214842 2025] [:error] [pid 18525:tid 140005649340160] [client 206.81.24.227:54714] File does not exist: /home/mysuits1/public_html/info.php
[Thu Jul 24 04:37:04.680066 2025] [authz_core:error] [pid 18525:tid 140005716481792] [client 157.230.19.140:34808] AH01630: client denied by server configuration: /home/mysuits1/public_html/server-status
[Thu Jul 24 04:37:05.206335 2025] [:error] [pid 18525:tid 140005792016128] [client 157.230.19.140:34888] File does not exist: /home/mysuits1/public_html/info.php
[Fri Jul 25 07:45:45.304424 2025] [:error] [pid 4860:tid 139664912492288] [client 44.204.179.168:61077] File does not exist: /home/mysuits1/public_html/xmlrpc.php
[Fri Jul 25 09:19:15.876273 2025] [:error] [pid 4860:tid 139664904099584] [client 213.209.143.116:53926] File does not exist: /home/mysuits1/public_html/config.php
[Fri Jul 25 09:19:16.318768 2025] [:error] [pid 4773:tid 139665098163968] [client 213.209.143.116:53954] [client 213.209.143.116] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/backup.sql"] [unique_id "aIMh5E4Y-nx8IAW5xFqGigAAAII"]
[Fri Jul 25 09:19:16.412215 2025] [:error] [pid 4771:tid 139665098163968] [client 213.209.143.116:53960] [client 213.209.143.116] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".bak"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/site.bak"] [unique_id "aIMh5O_f9BoLr-vntvHCygAAAAI"]
[Mon Jul 28 00:26:39.341338 2025] [:error] [pid 8407:tid 140578624820992] [client 165.22.250.175:52899] File does not exist: /home/mysuits1/public_html/xmlrpc.php
[Tue Jul 29 23:13:34.139512 2025] [:error] [pid 25916:tid 139798744352512] [client 77.234.44.173:49277] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Tue Jul 29 23:13:34.369436 2025] [:error] [pid 26003:tid 139798719174400] [client 77.234.44.173:49284] File does not exist: /home/mysuits1/public_html/info.php
[Tue Jul 29 23:13:34.786823 2025] [:error] [pid 26003:tid 139798828279552] [client 77.234.44.173:49298] File does not exist: /home/mysuits1/public_html/i.php
[Tue Jul 29 23:13:35.001800 2025] [:error] [pid 26003:tid 139798752745216] [client 77.234.44.173:49209] File does not exist: /home/mysuits1/public_html/test1.php
[Tue Jul 29 23:13:35.222207 2025] [:error] [pid 26003:tid 139798786316032] [client 77.234.44.173:49345] File does not exist: /home/mysuits1/public_html/test2.php
[Tue Jul 29 23:13:35.484145 2025] [:error] [pid 25915:tid 139798693996288] [client 77.234.44.173:49253] File does not exist: /home/mysuits1/public_html/wp-config.php.bak
[Tue Jul 29 23:13:36.366370 2025] [:error] [pid 25916:tid 139798710781696] [client 77.234.44.173:49203] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/db.sql"] [unique_id "aIkrcH7fZ_C1pZRPsUmfDgAAAFE"]
[Tue Jul 29 23:13:36.593347 2025] [:error] [pid 25915:tid 139798777923328] [client 77.234.44.173:49204] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/database.sql"] [unique_id "aIkrcHp5KcIv0cHLHkdwjQAAAQk"]
[Tue Jul 29 23:13:36.663169 2025] [:error] [pid 26003:tid 139798836672256] [client 77.234.44.173:49271] File does not exist: /home/mysuits1/public_html/phpinfo.php
[Tue Jul 29 23:13:36.815991 2025] [:error] [pid 25916:tid 139798915966720] [client 77.234.44.173:49258] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/backup.sql"] [unique_id "aIkrcH7fZ_C1pZRPsUmfEAAAAEE"]
[Tue Jul 29 23:13:36.885856 2025] [:error] [pid 26003:tid 139798744352512] [client 77.234.44.173:49267] File does not exist: /home/mysuits1/public_html/info.php
[Tue Jul 29 23:13:37.027559 2025] [:error] [pid 26003:tid 139798803101440] [client 77.234.44.173:49243] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/config/db.sql"] [unique_id "aIkrcd8CfN7WEdtDCC3hZwAAAAY"]
[Tue Jul 29 23:13:37.248677 2025] [:error] [pid 25916:tid 139798660425472] [client 77.234.44.173:49382] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/sql/db.sql"] [unique_id "aIkrcX7fZ_C1pZRPsUmfFgAAAFc"]
[Tue Jul 29 23:13:37.295511 2025] [:error] [pid 25914:tid 139798828279552] [client 77.234.44.173:49221] File does not exist: /home/mysuits1/public_html/i.php
[Tue Jul 29 23:13:37.452655 2025] [:error] [pid 26003:tid 139798702388992] [client 77.234.44.173:49392] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/data/dump.sql"] [unique_id "aIkrcd8CfN7WEdtDCC3haQAAABI"]
[Tue Jul 29 23:13:37.500988 2025] [:error] [pid 25916:tid 139798677210880] [client 77.234.44.173:49314] File does not exist: /home/mysuits1/public_html/test1.php
[Tue Jul 29 23:13:37.666530 2025] [:error] [pid 26003:tid 139798735959808] [client 77.234.44.173:49278] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/backups/database.sql"] [unique_id "aIkrcd8CfN7WEdtDCC3hbAAAAA4"]
[Tue Jul 29 23:13:37.716235 2025] [:error] [pid 25916:tid 139798836672256] [client 77.234.44.173:49329] File does not exist: /home/mysuits1/public_html/test2.php
[Tue Jul 29 23:13:37.918145 2025] [:error] [pid 25915:tid 139798836672256] [client 77.234.44.173:49305] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/mysql.sql"] [unique_id "aIkrcXp5KcIv0cHLHkdwjwAAAQI"]
[Tue Jul 29 23:13:37.922855 2025] [:error] [pid 26003:tid 139798794708736] [client 77.234.44.173:49269] File does not exist: /home/mysuits1/public_html/wp-config.php.bak
[Tue Jul 29 23:13:38.126154 2025] [:error] [pid 26003:tid 139798702388992] [client 77.234.44.173:49245] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server-1.mysuits.app"] [uri "/db_backup.sql"] [unique_id "aIkrct8CfN7WEdtDCC3heAAAABI"]
[Tue Jul 29 23:13:38.816203 2025] [:error] [pid 25916:tid 139798915966720] [client 77.234.44.173:49223] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/db.sql"] [unique_id "aIkrcn7fZ_C1pZRPsUmfKwAAAEE"]
[Tue Jul 29 23:13:39.041202 2025] [:error] [pid 26003:tid 139798735959808] [client 77.234.44.173:49369] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/dump.sql"] [unique_id "aIkrc98CfN7WEdtDCC3hiAAAAA4"]
[Tue Jul 29 23:13:39.243480 2025] [:error] [pid 26003:tid 139798794708736] [client 77.234.44.173:49285] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/database.sql"] [unique_id "aIkrc98CfN7WEdtDCC3hjwAAAAc"]
[Tue Jul 29 23:13:39.450805 2025] [:error] [pid 25916:tid 139798769530624] [client 77.234.44.173:49327] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/backup.sql"] [unique_id "aIkrc37fZ_C1pZRPsUmfMAAAAEo"]
[Tue Jul 29 23:13:39.667645 2025] [:error] [pid 26003:tid 139798777923328] [client 77.234.44.173:49328] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/config/db.sql"] [unique_id "aIkrc98CfN7WEdtDCC3hlwAAAAk"]
[Tue Jul 29 23:13:39.900544 2025] [:error] [pid 25914:tid 139798702388992] [client 77.234.44.173:49297] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/sql/db.sql"] [unique_id "aIkrc-5xFiZBaXyu8tfOaAAAANI"]
[Tue Jul 29 23:13:40.116163 2025] [:error] [pid 25916:tid 139798735959808] [client 77.234.44.173:49311] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/data/dump.sql"] [unique_id "aIkrdH7fZ_C1pZRPsUmfPwAAAE4"]
[Tue Jul 29 23:13:40.330799 2025] [:error] [pid 26003:tid 139798819886848] [client 77.234.44.173:49240] [client 77.234.44.173] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.server-1.mysuits.app"] [uri "/backups/database.sql"] [unique_id "aIkrdN8CfN7WEdtDCC3hoQAAAAQ"]
[Thu Jul 31 11:19:17.506485 2025] [:error] [pid 31039:tid 140191506605824] [client 198.144.182.13:60484] PHP Warning:  Undefined variable $tmp in /home/mysuits1/public_html/defauit.php on line 33, referer: https://www.google.com