View Full Version : Notice, On-Off Today



Ickie
March 3rd, 2015, 08:46
We are installing a new security script, "ModSecurity", on this server. We have to recompile the server scripts to do this, and some downtime is expected.

To read more on this go here, https://www.modsecurity.org/

Ickie
March 4th, 2015, 03:33
OK, it has been installed. This morning I will recompile the forums to clean the floors.

Ickie
March 4th, 2015, 13:37
In the past 18 hours we have caught 150 trying to hack us from behind. Here is an example of just one of these attacks:

Time: Wed Mar 4 17:16:53 2015 -0500
IP: 90.203.219.111 (GB/United Kingdom/5acbdb6f.bb.sky.com)
Failures: 5 (mod_security)
Interval: 300 seconds
Blocked: Yes

Log entries:

[Wed Mar 04 17:16:48 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/sohforums/showthread.php"] [unique_id "VPeEUEjpTOoAADILetIAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetMAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetQAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetUAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetYAAAAJ"]

Ickie
March 4th, 2015, 13:46
Another one, note the same id tag:
[unique_id "VPeKaEjpTOoAAFq7rpYAAAAU"]

Time: Wed Mar 4 17:42:54 2015 -0500
IP: 198.20.67.254 (US/United States/koala.filekoala.com)
Failures: 5 (mod_security)
Interval: 300 seconds
Blocked: Yes

Log entries:

[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/sohforums/archive/index.php/t-74671.html"] [unique_id "VPeKaEjpTOoAAFq7rpIAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpMAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpQAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpUAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpYAAAAU"]

Ickie
March 4th, 2015, 13:51
This is fun, catching flies.

Time: Wed Mar 4 17:46:34 2015 -0500
IP: 54.144.41.13 (US/United States/ec2-54-144-41-13.compute-1.amazonaws.com)
Failures: 5 (mod_security)
Interval: 300 seconds
Blocked: Yes

Log entries:

[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "sim-outhouse.com"] [uri "/robots.txt"] [unique_id "VPeLRUjpTOoAAF8c6fsAAAAR"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/sohforums/showthread.php"] [unique_id "VPeLRUjpTOoAAF8Z564AAAAM"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "sim-outhouse.com"] [uri "/"] [unique_id "VPeLRUjpTOoAAF8c6fwAAAAR"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeLRUjpTOoAAF8Z568AAAAM"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/robots.txt"] [unique_id "VPeLRUjpTOoAAGGv96AAAAAJ"]
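As an added example (not code from the thread or from ModSecurity itself), a small Python parser for the error-log lines quoted in the three posts above that applies the same threshold the notifications show (5 failures within 300 seconds) per client. The sample log is constructed from the entries above with the tag lists trimmed, and the last unique_id is a placeholder.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample in the thread's log shape: the first client's five hits and two
# spaced-out hits from the second client. Tag lists are trimmed; last unique_id is a placeholder.
SAMPLE_LOG = """\
[Wed Mar 04 17:16:48 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [id "960015"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [uri "/sohforums/showthread.php"] [unique_id "VPeEUEjpTOoAADILetIAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [id "960015"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetMAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [id "960015"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetQAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [id "960015"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetUAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [id "960015"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetYAAAAJ"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [id "960009"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [uri "/sohforums/archive/index.php/t-74671.html"] [unique_id "VPeKaEjpTOoAAFq7rpIAAAAU"]
[Wed Mar 04 17:49:00 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [id "960009"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [uri "/"] [unique_id "PLACEHOLDER_UNIQUE_ID"]
"""

LINE_RE = re.compile(r'^\[(?P<ts>[^\]]+)\] \[error\] \[client (?P<client>[^\]]+)\] ModSecurity: (?P<body>.*)$')
FIELD_RE = re.compile(r'\[(\w+) "([^"]*)"\]')  # the [key "value"] fields after the message

def parse_line(line):
    """Return {ts, client, tags, id, msg, severity, uri, ...} or None if not a ModSecurity alert."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = {'ts': datetime.strptime(m.group('ts'), '%a %b %d %H:%M:%S %Y'),
          'client': m.group('client'), 'tags': []}
    for key, val in FIELD_RE.findall(m.group('body')):
        if key == 'tag':
            ev['tags'].append(val)  # [tag ...] repeats, keep all of them
        else:
            ev[key] = val
    return ev

def find_blocks(log, failures=5, interval=timedelta(seconds=300)):
    """Sliding-window version of the notification policy: 5 failures in 300 s -> Blocked."""
    recent, blocked = defaultdict(list), {}
    for ev in filter(None, map(parse_line, log.splitlines())):
        window = recent[ev['client']]
        window.append(ev['ts'])
        while ev['ts'] - window[0] > interval:  # expire hits older than the interval
            window.pop(0)
        if len(window) >= failures and ev['client'] not in blocked:
            blocked[ev['client']] = ev['ts']  # time the threshold was crossed
    return blocked

def rule_summary(log):
    """Count alerts per (client, rule id, message) to see which CRS rules are firing."""
    return Counter((e['client'], e['id'], e['msg'])
                   for e in filter(None, map(parse_line, log.splitlines())))
```

The severity field on these entries is NOTICE and rules 960009 and 960015 come from the CRS protocol-enforcement file (missing Accept or User-Agent header), so counting by rule id and client before blocking keeps crawler noise separate from sustained probing.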

Ickie
March 4th, 2015, 15:23
They just don't give up, must be from Titan.
The code is so far out that I have to show a screenshot only.
