VPS Vultr bị tấn công


(nambabylon79) #1

HI mọi người mình đang sử dụng VPS vultr cài HocVPS Script.
Hiện tại bên Vultr báo như vầy ? mọi ng có ai bị chưa ? có cách nào khắc phục và bảo mật hơn ko ? Cảm ơn moi ng

Hi, We have detected a network attack from an IP ( 202.182.116.113 ) from your network, a computer connected to it is probably infected and being part of a botnet. Please check it and fix it up as soon as possible. Thank you.
/
Saludos, Hemos detectado un ataque desde una ip ( 202.182.116.113 ) de su red, probablemente el equipo este infectado y este dentro de una botnet. Porfavor revisenlo y solucionenlo en la mayor brevedad posible. Muchas gracias.
The IP 202.182.116.113 has just been banned by Fail2Ban after
6 attempts against apache-attack.
Domain: mybadgirls.com (195.78.229.162)
Here are more information about 202.182.116.113:
Lines containing IP:202.182.116.113 in /furanet/sites/*/web/htdocs/logs/access
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:18 +0200] “GET /wp-login.php HTTP/1.1” 200 3147 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:19 +0200] “POST /wp-login.php HTTP/1.1” 200 4118 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:21 +0200] “GET /wp-login.php HTTP/1.1” 200 3147 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:21 +0200] “POST /wp-login.php HTTP/1.1” 200 4118 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:22 +0200] “GET /wp-login.php HTTP/1.1” 200 3147 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:23 +0200] “POST /wp-login.php HTTP/1.1” 200 4118 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:24 +0200] “GET /wp-login.php HTTP/1.1” 200 3147 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:25 +0200] “POST /wp-login.php HTTP/1.1” 200 4118 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:26 +0200] “GET /wp-login.php HTTP/1.1” 200 3147 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:27 +0200] “POST /wp-login.php HTTP/1.1” 200 4158 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:28 +0200] “GET /wp-login.php HTTP/1.1” 200 3147 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:29 +0200] “POST /wp-login.php HTTP/1.1” 200 4158 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:30 +0200] “GET /wp-login.php HTTP/1.1” 200 3147 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
/furanet/sites/mybadgirls.com/web/htdocs/logs/access:202.182.116.113 - - [25/May/2019:22:50:30 +0200] “POST /wp-login.php HTTP/1.1” 200 4118 “-” “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”
Date: Sat May 25 22:50:34 CEST 2019
Unix timestamp: 1558817431.37
Abuse Team
Comvive Servidores SL
abuse@comvive.com


(duy) #2

web bạn chắc dùng theme lậu, bạn nên dùng theme free hoặc bản quyền ko nên dùng mấy bản theme hay plugin share có thể có mã độc


(nambabylon79) #3

Thanks bác ! mình nghĩ cách tốt nhất vẫn là mua host mới backup qua những theme, plugin lậu nào thì gỡ hết ra là okie