Attacks That Imunify360 Didn’t Stop (Ninja Firewall Did)

(I had to convert the quotes to images because for some reason WordPress Gutenberg and/or Imunify360 was causing Json errors)

I will continue to post more recent attacks using the commenting system below.

5 Comments

  1. Yesterday and today we were under CONSTANT SQL attacks for hours and hours. We had to ban the IP from (what else …) Russia.

    Imunify360 did nothing about it. We also reached the sql database connections limit and the whole site crashed several times.

    I think Imunify360 is actually a useless piece of software. Totally.

    Here is small sample of the attack log, i can’t post it in the comment due to size.

    https://www.valueweb.gr/wp-content/uploads/2020/06/sql_attack1.txt

  2. 06/May/20 11:48:58 #2266490 INFO – 139.9.1.54 GET /index.php – Sanitising user input –

    [HTTP_REFERER: 45ea207d7a2b68c49582d2d22adf953aads|a:2:{s:3:”num”;s:289:”*/SELECT 1,0x2d312720554e494f4e2f2a,2,4,5,6,7,8,0x7b24617364275d3b617373657274286261736536345f6465636f646528275a6d6c735a56397764…]

  3. All those “attacks” are harmless IMHO. Not sure if they should be blocked my Imunify360 or not.

    1. I’m not a security expert but i think some of those attacks should have been blocked, especially the SQL Injection attacks.

      And maybe some are blocked but some also are not.

  4. 08/Apr/20 02:53:08 #1384081 CRITICAL 285 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2);SELECT PG_SLEEP(5)–] –
    08/Apr/20 02:53:09 #8045651 CRITICAL 285 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2;SELECT PG_SLEEP(5)–] –
    08/Apr/20 02:53:10 #1113918 CRITICAL 285 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2′);SELECT PG_SLEEP(5)–] –
    08/Apr/20 02:53:11 #8154067 CRITICAL 285 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2′;SELECT PG_SLEEP(5)–] –
    08/Apr/20 02:53:12 #6462739 CRITICAL 285 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2%’;SELECT PG_SLEEP(5)–] –
    08/Apr/20 02:53:13 #7284703 HIGH 287 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2);WAITFOR DELAY ‘0:0:5’–] –
    08/Apr/20 02:53:14 #2211525 HIGH 287 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2;WAITFOR DELAY ‘0:0:5′–] –
    08/Apr/20 02:53:15 #5597856 HIGH 287 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2’);WAITFOR DELAY ‘0:0:5′–] –
    08/Apr/20 02:53:16 #4259316 HIGH 287 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2’;WAITFOR DELAY ‘0:0:5′–] –
    08/Apr/20 02:53:17 #6980785 HIGH 287 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2%’;WAITFOR DELAY ‘0:0:5’–] –
    08/Apr/20 02:53:23 #1601175 CRITICAL 280 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2) ORDER BY 1– KbID] –
    08/Apr/20 02:53:24 #8646820 CRITICAL 263 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2) UNION ALL SELECT NULL– gBkS] –
    08/Apr/20 02:53:25 #5154950 CRITICAL 263 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2) UNION ALL SELECT NULL,NULL– sTMD] –
    08/Apr/20 02:53:26 #2786168 CRITICAL 263 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2) UNION ALL SELECT NULL,NULL,NULL– eeth] –
    08/Apr/20 02:53:27 #6455537 CRITICAL 263 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2) UNION ALL SELECT NULL,NULL,NULL,NULL– AJdH] –
    08/Apr/20 02:53:28 #8739860 CRITICAL 263 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL– IGaM] –
    08/Apr/20 02:53:29 #6577399 CRITICAL 263 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL– ybWZ] –
    08/Apr/20 02:53:31 #6453565 CRITICAL 263 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL– ecYA] –
    08/Apr/20 02:53:32 #2360470 CRITICAL 263 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL– iZGA] –
    08/Apr/20 02:53:33 #3063552 CRITICAL 263 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL– iQaf] –
    08/Apr/20 02:53:34 #3853952 CRITICAL 263 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL– bliW] –
    08/Apr/20 02:53:35 #7304613 CRITICAL 280 93.99.104.101 POST /index.php – SQL injection – [GET:type = rss2 ORDER BY 1– NPOh] –

Comments are closed.