Bon, je vais simplifier les fichiers robot et htaccess.
J'ai scanné les logs du domaine, mais je ne comprends pas l'origine du problème :
- Code : Tout sélectionner
[Sun Jul 17 21:28:19 2016] [error] [client 72.10.193.84] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache2/conf/modsecurity/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "65"] [id "960009"] [rev "2.1.1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.parfumdefleurs.eu"] [uri "/"] [unique_id "V4vcUwoAfpQAAGhKDGQAAABW"]
[Sun Jul 17 21:28:28 2016] [error] [client 109.71.51.92] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "lynx" at REQUEST_HEADERS:User-Agent. [file "/usr/local/apache2/conf/modsecurity/base_rules/modsecurity_crs_35_bad_robots.conf"] [line "26"] [id "990012"] [rev "2.1.1"] [msg "Rogue web site crawler"] [data "lynx"] [severity "WARNING"] [tag "AUTOMATION/MALICIOUS"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.parfumdefleurs.eu"] [uri "/"] [unique_id "V4vcXAoAfpQAAGhKDJAAAABG"]
[Sun Jul 17 21:28:41 2016] [error] [client 72.10.193.84] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache2/conf/modsecurity/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "65"] [id "960009"] [rev "2.1.1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.parfumdefleurs.eu"] [uri "/"] [unique_id "V4vcaQoAfpQAAGhKDYgAAABO"]
[Sun Jul 17 21:28:52 2016] [error] [client 72.10.193.84] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache2/conf/modsecurity/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "65"] [id "960009"] [rev "2.1.1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.parfumdefleurs.eu"] [uri "/"] [unique_id "V4vcdAoAfpQAAGhKDgUAAABK"]
[Sun Jul 17 21:29:55 2016] [error] [client 109.71.51.92] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "lynx" at REQUEST_HEADERS:User-Agent. [file "/usr/local/apache2/conf/modsecurity/base_rules/modsecurity_crs_35_bad_robots.conf"] [line "26"] [id "990012"] [rev "2.1.1"] [msg "Rogue web site crawler"] [data "lynx"] [severity "WARNING"] [tag "AUTOMATION/MALICIOUS"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.parfumdefleurs.eu"] [uri "/"] [unique_id "V4vcswoAfpQAAGhKENEAAABP"]
[Sun Jul 17 21:29:59 2016] [error] [client 109.71.51.92] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "lynx" at REQUEST_HEADERS:User-Agent. [file "/usr/local/apache2/conf/modsecurity/base_rules/modsecurity_crs_35_bad_robots.conf"] [line "26"] [id "990012"] [rev "2.1.1"] [msg "Rogue web site crawler"] [data "lynx"] [severity "WARNING"] [tag "AUTOMATION/MALICIOUS"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.parfumdefleurs.eu"] [uri "/"] [unique_id "V4vctwoAfpQAAGhKEO4AAAB0"]