Я запускаю простой веб-сайт на Bluehost, и мне нужно было использовать собственные сценарии Python, поэтому я создал папку cgi-bin в каталоге своего сайта и добавил туда свои файлы cgi python. Каждый раз, когда я пытался использовать AJAX-запрос для использования скриптов cgi, сервер продолжал возвращать ошибку 500.
Это то, что журнал основных ошибок показывает:
[Sun Nov 30 15:49:15 2014] [error] [client 91.121.209.34] ModSecurity: Access denied with code 406 (phase 1). Pattern match "Mozilla\\\\/5\\\\.0 \\\\(Windows; U; Windows NT 5\\\\.1; ru; rv:1\\\\.9\\\\.0\\\\.2\\\\) Gecko\\\\/2008091620 Firefox\\\\/3\\\\.0\\\\.2" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/eig_rules.conf"] [line "58"] [id "900228"] [msg "Wordpress Brute Force :: Firefox 8"] [hostname "anewroundtable.com"] [uri "/wp-login.php/"] [unique_id "VHue6zJX@FcAADAOSWgAAACA"]
[Sun Nov 30 15:49:16 2014] [error] [client 91.121.209.34] ModSecurity: Access denied with code 406 (phase 1). Pattern match "Mozilla\\\\/5\\\\.0 \\\\(Windows; U; Windows NT 5\\\\.1; ru; rv:1\\\\.9\\\\.0\\\\.2\\\\) Gecko\\\\/2008091620 Firefox\\\\/3\\\\.0\\\\.2" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/eig_rules.conf"] [line "58"] [id "900228"] [msg "Wordpress Brute Force :: Firefox 8"] [hostname "anewroundtable.com"] [uri "/wp-login.php/"] [unique_id "VHue7DJX@FcAADAOSWsAAACD"]
[Sun Nov 30 15:49:16 2014] [error] [client 91.121.209.34] ModSecurity: Access denied with code 406 (phase 1). Pattern match "Mozilla\\\\/5\\\\.0 \\\\(Windows; U; Windows NT 5\\\\.1; ru; rv:1\\\\.9\\\\.0\\\\.2\\\\) Gecko\\\\/2008091620 Firefox\\\\/3\\\\.0\\\\.2" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/eig_rules.conf"] [line "58"] [id "900228"] [msg "Wordpress Brute Force :: Firefox 8"] [hostname "sunnymedias.com"] [uri "/wp-login.php/"] [unique_id "VHue6zJX@FcAADAOSWoAAACC"]
[Sun Nov 30 15:49:16 2014] [error] [client 91.121.209.34] ModSecurity: Access denied with code 406 (phase 1). Pattern match "Mozilla\\\\/5\\\\.0 \\\\(Windows; U; Windows NT 5\\\\.1; ru; rv:1\\\\.9\\\\.0\\\\.2\\\\) Gecko\\\\/2008091620 Firefox\\\\/3\\\\.0\\\\.2" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/eig_rules.conf"] [line "58"] [id "900228"] [msg "Wordpress Brute Force :: Firefox 8"] [hostname "anewroundtable.com"] [uri "/wp-login.php/"] [unique_id "VHue7DJX@FcAAC34XhwAAAHN"]
[Sun Nov 30 15:49:16 2014] [error] [client 91.121.209.34] ModSecurity: Access denied with code 406 (phase 1). Pattern match "Mozilla\\\\/5\\\\.0 \\\\(Windows; U; Windows NT 5\\\\.1; ru; rv:1\\\\.9\\\\.0\\\\.2\\\\) Gecko\\\\/2008091620 Firefox\\\\/3\\\\.0\\\\.2" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/eig_rules.conf"] [line "58"] [id "900228"] [msg "Wordpress Brute Force :: Firefox 8"] [hostname "sunnymedias.com"] [uri "/wp-login.php/"] [unique_id "VHue7DJX@FcAADAOSW0AAACF"]
[Sun Nov 30 15:49:17 2014] [error] [client 91.121.209.34] ModSecurity: Access denied with code 406 (phase 1). Pattern match "Mozilla\\\\/5\\\\.0 \\\\(Windows; U; Windows NT 5\\\\.1; ru; rv:1\\\\.9\\\\.0\\\\.2\\\\) Gecko\\\\/2008091620 Firefox\\\\/3\\\\.0\\\\.2" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/eig_rules.conf"] [line "58"] [id "900228"] [msg "Wordpress Brute Force :: Firefox 8"] [hostname "anewroundtable.com"] [uri "/wp-login.php/"] [unique_id "VHue7TJX@FcAAC34Xh8AAAHK"]
[Sun Nov 30 15:49:17 2014] [error] [client 91.121.209.34] ModSecurity: Access denied with code 406 (phase 1). Pattern match "Mozilla\\\\/5\\\\.0 \\\\(Windows; U; Windows NT 5\\\\.1; ru; rv:1\\\\.9\\\\.0\\\\.2\\\\) Gecko\\\\/2008091620 Firefox\\\\/3\\\\.0\\\\.2" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/eig_rules.conf"] [line "58"] [id "900228"] [msg "Wordpress Brute Force :: Firefox 8"] [hostname "sunnymedias.com"] [uri "/wp-login.php/"] [unique_id "VHue7TJX@FcAADAOSW8AAACH"]
[Sun Nov 30 15:49:17 2014] [error] [client 91.121.209.34] ModSecurity: Access denied with code 406 (phase 1). Pattern match "Mozilla\\\\/5\\\\.0 \\\\(Windows; U; Windows NT 5\\\\.1; ru; rv:1\\\\.9\\\\.0\\\\.2\\\\) Gecko\\\\/2008091620 Firefox\\\\/3\\\\.0\\\\.2" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/eig_rules.conf"] [line "58"] [id "900228"] [msg "Wordpress Brute Force :: Firefox 8"] [hostname "anewroundtable.com"] [uri "/wp-login.php/"] [unique_id "VHue7TJX@FcAADAOSXEAAACJ"]
[Sun Nov 30 15:49:17 2014] [error] [client 91.121.209.34] ModSecurity: Access denied with code 406 (phase 1). Pattern match "Mozilla\\\\/5\\\\.0 \\\\(Windows; U; Windows NT 5\\\\.1; ru; rv:1\\\\.9\\\\.0\\\\.2\\\\) Gecko\\\\/2008091620 Firefox\\\\/3\\\\.0\\\\.2" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/eig_rules.conf"] [line "58"] [id "900228"] [msg "Wordpress Brute Force :: Firefox 8"] [hostname "sunnymedias.com"] [uri "/wp-login.php/"] [unique_id "VHue7TJX@FcAAC34XiEAAAHI"]
Основываясь на этом журнале ошибок, могу ли я предположить, что мой сайт взломали методом перебора? Это появляется, когда мой сайт не работает. Я удалил сайт из каталога файлов из-за страха перед хакерами, но это все еще отображается. Что именно здесь происходит? Мой сайт взламывают? Эти же журналы, кстати, появляются каждую секунду. Однако имена хостов меняются.
Любая помощь приветствуется.