Menu

Topic-icon mass event suppression by?

  • herveD
  • herveD's Avatar Topic Author
  • Offline
  • Senior Boarder
  • Senior Boarder
More
3 months 1 day ago #6645 by herveD
Replied by herveD on topic mass event suppression by?
Well I think there was an attack on this site (see the logs) but I did not have (or I did not pay attention) to the alert.
I do not know if the attack was successful?
I send you the log by email

Please Log in or Create an account to join the conversation.

  • herveD
  • herveD's Avatar Topic Author
  • Offline
  • Senior Boarder
  • Senior Boarder
More
3 months 1 day ago #6646 by herveD
Replied by herveD on topic mass event suppression by?
Hi Jose
I followed your recommendations last year; It seems to me that he is well configured (cf image).
I understand the interest but if I am not connected, could he connect?
I sent you the log file because it seems to me that there was an attack on the files dpcalendar but I do not understand by reading if the attack failed or successful (and what to do in this case, just restore this good file?)
Regards
Attachments:

Please Log in or Create an account to join the conversation.

More
3 months 1 day ago #6647 by Jose
Replied by Jose on topic mass event suppression by?
Hi Herve,

The log file of the malware scanner you have sent me doesn't show malicious content and the firewall is well configured. Can you send me the file of SCP logs? There we will see all the attacks blocked.

Regards,
Jose

Please Log in or Create an account to join the conversation.

More
3 months 1 day ago #6648 by Jose
Replied by Jose on topic mass event suppression by?
On the other hand, the "Track Actions" plugin can help you to identify user actions, adding also the IP:

Regards,
Jose
Attachments:

Please Log in or Create an account to join the conversation.

  • herveD
  • herveD's Avatar Topic Author
  • Offline
  • Senior Boarder
  • Senior Boarder
More
3 months 1 day ago #6649 by herveD
Replied by herveD on topic mass event suppression by?
Malware Scanner
Ok, if I understand correctly, the suspected file is not infected.
I have to tick it as correct?
SCP
I sent hopefully the good log file of "Web Firewall Logs"
but can a hacker do damage without being detected by your extension?
I'm not talking about the case where he got my password of course

Ok I'll have to buy the extension at the time, but now I do not have time

Please Log in or Create an account to join the conversation.

More
3 months 1 day ago #6650 by Jose
Replied by Jose on topic mass event suppression by?
Hi Herve,

Ok, if I understand correctly, the suspected file is not infected.
I have to tick it as correct?

Yes, suspicious files reported are false positives.

I sent hopefully the good log file of "Web Firewall Logs"
but can a hacker do damage without being detected by your extension?
I'm not talking about the case where he got my password of course

Analyzing your logs you suffered an attack on 27-02-2019 trying to guess a valid username/password. This is known as a brute force (or dictionary) attack and Securitycheck Pro blocked all attempts. But this attack wasa conducted using a botnet, so you were attacked from a different IP every time. To avoid this kind of attacks you must enable the "backend protection" feature into the ".htaccess protection" feature of Securitycheck Pro (or adding other method as a .htpasswd file). It wasn't enabled, was it?

Regards,
Jose

Please Log in or Create an account to join the conversation.

Time to create page: 0.072 seconds
Powered by Kunena Forum

Login or Sign In