I am having issues on my site where I cannot loin to admin. Checking the logs I am showing:
[Tue Mar 06 09:33:49.165730 2018] [:error] [pid 21347] [client xx.xx.xx.xx :51041] [client 80.4.133.243] ModSecurity: Warning. detected SQLi using libinjection with fingerprint '1c' [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "43"] [id "942100"] [rev "1"] [msg "SQL Injection Attack Detected via libinjection"] [data "Matched Data: 1c found within REQUEST_COOKIES:idev: 144--3-4-------http%3A%2F%2Fdomain.co.uk%2Findex.php%3Foption%3Dcom_comprofiler%26task%3Dpluginclass%26plugin%3Dcbpaidsubscriptions%26do%3Ddisplayplans%26Itemid%3D243"] [severity "CRITICAL"] [ver "OWASP_CRS/3.0.0"] [maturity "1"] [accuracy "8"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "domain.co.uk"] [uri "/media/jui/js/jquery-migrate.min.js"] [unique_id "Wp5gfUOfWp0JBQKZjjpjWAAAAAo"], referer:
www.domain.co.uk/administrator/
This is appearing when I try to log into the site - the client IP is mine.
Help!
krileon
