FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


mod_security reports WordPress as SQL injection attack!





jmlworld
I was updating (automatically) some plugins in my WordPress installation today as I have seen the following line in my error log:

Code:
[Sat Feb 28 06:10:01 2009] [error] [client my.ip.address] mod_security: Warning. Pattern match "update.+set.+=" at POST_PAYLOAD [msg "SQL Injection attack"] [severity "EMERGENCY"] [hostname "mysite.tld"] [uri "/wp-admin/options.php"]


The code below shows WordPress'es admin-ajax.php which is takes the AJAX Execution process. mod_security recognizes it as XSS attack.

Code:
[Sat Feb 28 08:20:18 2009] [error] [client my.ip.address] mod_security: Warning. Pattern match "<img" at POST_PAYLOAD [msg "XSS attack"] [severity "EMERGENCY"] [hostname "mysite.tld"] [uri "/wp-admin/admin-ajax.php"]


I would really show attack suspicion, but the reported IP address is just mine!! Lollz, I wouldn't attack my own site Sad
Related topics
Reply to topic    Frihost Forum Index -> Support and Web Hosting -> Web Hosting Support

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.