04-26-2013, 09:23 AM
hi,
i dont know exactly whats going on but some wp plugin in blocking my ip on my host,so
the host blocked my ip so i cant access cpanel ,ftp or all my website are down!
here is the line they give me:
i have not e clue where to look for what plugi is it,i have i think about 6-8 wp installs ,with some plugins in them,but how to track down witch one is the problem?
thank you for any advice!
regards.
i dont know exactly whats going on but some wp plugin in blocking my ip on my host,so
the host blocked my ip so i cant access cpanel ,ftp or all my website are down!
here is the line they give me:
Code:
Access denied with code 501 (phase 2). Pattern match "(?:\\b(?:(?:n(?:et(?:\\b\\W+?\\blocalgroup|\\.exe)|(?:map|c)\\.exe)|t(?:racer(?:oute|t)|elnet\\.exe|clsh8?|ftp)|(?:w(?:guest|sh)|rcmd|ftp)\\.exe|echo\\b\\W*?\\by+)\\b|c(?:md(?:(?:32)?\\.exe\\b|\\b\\W*?\\/c)|d(?:\\b\\W*?[\\\\/]|\\W*?\\.\\.)|hmod.{0,40}? ..." at ARGS:plugin. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "139"] [id "950006"] [msg "System Command Injection"] [data "/nc-"] [severity "CRITICAL"] [tag "WEB_ATTACK/COMMAND_INJECTION"] /wp-admin/plugins.php?action=activate&plugin=soon%2Fnc-coming-soon.php&plugin_status=all&paged=1&s&_wpnonce=320923de55 HTTP/1.1i have not e clue where to look for what plugi is it,i have i think about 6-8 wp installs ,with some plugins in them,but how to track down witch one is the problem?
thank you for any advice!
regards.