Can you help understand error log please

  • Resolved mkaiit

    (@mkaiit)


    8 years, 8 months ago

    Hello
    I love BPS. You guys are amazing

    I have noticed I get so many emails saying Security Log, I thought that is normal. Then just now I have opened it and saw, some of the text is

    [403 GET / HEAD Request: 2 April 2016 - 9:12 am]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 185.93.185.248
Host Name: 185.93.185.248
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /xmlrpc.php
QUERY_STRING:
HTTP_USER_AGENT:

    it is many times, what is this? someone is trying to hack?

    please advice what shall I do?

    thanks a lot!!

    regards
    mai

    https://www.ads-software.com/plugins/bulletproof-security/

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author AITpro

    (@aitpro)

    The GET Request was made to your xmlrpc.php file by Ukrainian IP address: 185.93.185.248. The User Agent is blank, which usually means the Request was made by a spambot. If you are using the XML-RPC protection code here: https://forum.ait-pro.com/forums/topic/wordpress-xml-rpc-ddos-protection-protect-xmlrpc-php-block-xmlrpc-php-forbid-xmlrpc-php/ in your root htaccess file then that XML-RPC protection code would block this bot from being able to access your xmlrpc.php file.

    Plugin Author AITpro

    (@aitpro)

    Did this answer all of your questions? If so, please resolve this thread. If not, please post any additional questions you may have. Thanks.

    Thread Start Date: 4-2-2016 to 4-3-2016
    Current Date: 4-4-2016

    Plugin Author AITpro

    (@aitpro)

    Assuming all questions have been answered – the thread has been resolved. If you have additional questions about this specific thread topic then you can post them at any time. We still receive email notifications when threads have been resolved.

    Thread Start Date: 4-2-2016 to 4-3-2016
    Thread Resolved/Current Date: 4-5-2016

    Thread Starter mkaiit

    (@mkaiit)

    Thank u so much sir u r so cooperative

    I went to the URL and checked my site, it said:

    XML-RPC server accepts POST requests only.

    I dont get too much what is this or the replay u stated above but i can follow in general

    1) Does that message means I am not using that kind of protection?

    2) Ukrain , pot means robot? not human?

    3) Is there anything I should do like change username or soemthing or nothing i have to do?

    thanks a million

    Plugin Author AITpro

    (@aitpro)

    The WordPress xmlrpc.php file only allows/accepts POST Requests and does not allow/accept GET Requests. A POST Request is submitted via a POST Form that submits POST Fields to your WordPress XML-RPC server API to be processed. A GET Request is basically just what it sounds like “you are making a Request to get data”. Trying to access a file or page directly via a Browser is a GET Request.

    1. WordPress protects the xmlrpc.php file. You can use additional BPS Bonus Custom Code to further protect the xmlrpc.php file.
    2. Yes, Bot is short for Robot.
    3. You can add additional BPS Bonus Custom Code to further protect the xmlrpc.php file, but for the most part any old security issues related to XML-RPC are all patched in the most current version of WordPress.

    Thread Starter mkaiit

    (@mkaiit)

    Thank u
    Do I have to do anything now to protect my site?
    Sorry if u already answered this as I didnt get what to do ^_^

    Plugin Author AITpro

    (@aitpro)

    You do not need to do anything else, but if you want to add extra protection for the xmlrpc.php file on your website then you can use the BPS Bonus Custom Code in either or both of these links below.

    https://forum.ait-pro.com/forums/topic/wordpress-xml-rpc-ddos-protection-protect-xmlrpc-php-block-xmlrpc-php-forbid-xmlrpc-php/

    https://forum.ait-pro.com/forums/topic/post-request-protection-post-attack-protection-post-request-blocker/

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Can you help understand error log please’ is closed to new replies.