Security log query
-
Hi there,
I have a few logs like the one below… my site is hosted on Bluehost, box671… I don’t understand what all these logs means but how come my host is flagged as spammer/hacker???
[403 GET / HEAD Request: May 7, 2014 10:51 pm]
Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
Solution: N/A – Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 66.147.244.171
Host Name: box671.bluehost.com
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /news/xmlrpc.php
QUERY_STRING:
HTTP_USER_AGENT: The Incutio XML-RPC PHP Library — WordPress/3.9also other logs blocking yahoo? Host Name: b100106.yse.yahoo.net and bing? Host Name: msnbot-157-55-35-38.search.msn.com
-
The relevant question is do you use XML-RPC on your website to do remote posting to your website? This could be a random hacker/spammer bot probe/recon to see if XML-RPC is enabled/not protected on your website.
A request/visit was made to the /news/xmlrpc.php file. The Server Protocol is HTTP/1.0. I am not sure what the The Incutio XML-RPC PHP Library user agent means.
Your host is not flagged as a spammer/hacker. The way the request is being done your host information shows up in the log entry, but that does not have any bearing on what is being blocked or your host in any way.
If you are blocking Server protocol HTTP/1.0 using this BPS Bonus Custom Code: https://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/ then that would be why this request/visit was blocked/protected.
If you are blocking/protecting the xmlrpc.php file using this BPS Bonus Custom Code: https://forum.ait-pro.com/forums/topic/wordpress-xml-rpc-ddos-protection-protect-xmlrpc-php-block-xmlrpc-php-forbid-xmlrpc-php/ then that is why this is being blocked/protected.
I would need to see the other log entries to tell you what is being blocked/protected.
Yes, I have a XML-RPC file uploaded in my WP folder
Here’s some of the latest log files, I didn’t copy all because the log is very big, 231.76 KB
Also I was wondering… if all these 403 GET / HEAD Request by any chance have anything to do with my posts not being indexed by google at all… google index the main page but never any single post…which I find very odd and I can’t figure out why
[403 GET / HEAD Request: April 18, 2014 12:24 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.116 Host Name: 65.208.151.116 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/03/jennifer-episode-motive/ REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:27 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.114 Host Name: 65.208.151.114 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/03/jennifer-beals-starring/ REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:28 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.117 Host Name: 65.208.151.117 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/03/jennifer-beals-starring/ REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:32 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.115 Host Name: 65.208.151.115 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/02/promoting-everdeep/ REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:32 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.118 Host Name: 65.208.151.118 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/02/promoting-everdeep/ REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:37 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.112 Host Name: 65.208.151.112 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/04/transcript-of-jennifer-beals-chat-on-reddit/ REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:37 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.112 Host Name: 65.208.151.112 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/04/transcript-of-jennifer-beals-chat-on-reddit/ REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:41 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.113 Host Name: 65.208.151.113 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/03/jennifer-episode-motive/ REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:41 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.119 Host Name: 65.208.151.119 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/03/jennifer-episode-motive/ REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:45 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.118 Host Name: 65.208.151.118 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/03/jennifer-beals-starring/ REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:45 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.112 Host Name: 65.208.151.112 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/03/jennifer-beals-starring/ REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:52 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.119 Host Name: 65.208.151.119 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/03/jennifer-episode-motive/ REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:52 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.116 Host Name: 65.208.151.116 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/03/jennifer-episode-motive/ REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:55 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.115 Host Name: 65.208.151.115 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/02/jennifer-upcoming-projects/ REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:56 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.116 Host Name: 65.208.151.116 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/02/jennifer-upcoming-projects/ REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 12:59 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.113 Host Name: 65.208.151.113 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/02/promoting-everdeep/ REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 1:00 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 65.208.151.118 Host Name: 65.208.151.118 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/2014/02/promoting-everdeep/ REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) [403 GET / HEAD Request: April 18, 2014 3:16 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 50.186.148.116 Host Name: c-50-186-148-116.hsd1.fl.comcast.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/2012/10/jennifer-beals-receives-ally-for-equality-award/ QUERY_STRING: HTTP_USER_AGENT: Xenu Link Sleuth/1.3.8 [403 GET / HEAD Request: April 18, 2014 4:25 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 128.204.204.5 Host Name: hosted-by.snelis.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://namecheap.com/blah/ REQUEST_URI: /news/wp-content/uploads/2012/06/md_vanity.jpg QUERY_STRING: HTTP_USER_AGENT: wordpress/2.1.1 [403 GET / HEAD Request: April 19, 2014 3:22 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 37.48.37.133 Host Name: 37-48-37-133.tmcz.cz SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/wp-content/uploads/2013/02/sm.jpg QUERY_STRING: HTTP_USER_AGENT: [403 GET / HEAD Request: April 19, 2014 3:23 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 37.48.37.133 Host Name: 37-48-37-133.tmcz.cz SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/wp-content/uploads/2012/01/castle1.jpg QUERY_STRING: HTTP_USER_AGENT: [403 GET / HEAD Request: April 19, 2014 5:55 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 66.147.244.171 Host Name: box671.bluehost.com SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/wp-cron.php QUERY_STRING: HTTP_USER_AGENT: WordPress/3.8.3; https://www.jennifer-beals.com/news [403 GET / HEAD Request: April 19, 2014 5:55 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 66.147.244.171 Host Name: box671.bluehost.com SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/wp-cron.php QUERY_STRING: HTTP_USER_AGENT: WordPress/3.8.3; https://www.jennifer-beals.com/news [403 GET / HEAD Request: April 21, 2014 1:30 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 199.21.99.113 Host Name: spider-199-21-99-113.yandex.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (compatible; YandexBot/3.0; +https://yandex.com/bots) [403 GET / HEAD Request: April 23, 2014 2:57 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 49.212.188.72 Host Name: www16058uf.sakura.ne.jp SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/xmlrpc.php?rsd REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: QuerySeekerSpider ( https://queryseeker.com/bot.html ) [403 GET / HEAD Request: April 23, 2014 2:58 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 49.212.188.72 Host Name: www16058uf.sakura.ne.jp SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.jennifer-beals.com/news/xmlrpc.php REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: QuerySeekerSpider ( https://queryseeker.com/bot.html ) [403 GET / HEAD Request: April 26, 2014 5:52 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 173.252.74.115 Host Name: 173.252.74.115 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/2013/04/celebrating-30-years-of-flashdance/n-in-jenaml?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed:%20jefusion/ANOC%20(JEFusion%20%7C%20The%20Center%20of%20Tokusatsu)dium=twittertephen-h-roberts-/_source=other_multiline&action_object_map=%7B%2210200209506426501%22:312602358854574,%2210200209500066342%22:370992922993060%7D&action_type_map=%7B%2210200209506426501%22:%22news.reads%22,%2210200209500066342%22:%22news.reads%22%7D&action_ref_map=%5B%5D%23access_token=AAADWQ6323IoBAODgRJpG59YoZAd8RhzjQYZBetgY4VQ3YdENLZBzo7nLSNJkXsNYfRCENMnziZC7jIJAlnNMYCNBWcPeLVMpjAj2iK7ZAVwZDZD&expires_in=4512%20Tochteranzeige,%20Stereoanlage%20Panasonic%20mit%20Au%DFenlautsprechern,%20Sprayhood%20und%20Kuchenbude%202009%20neu,%20Uhr,%20Barometer,%202%20Batterien%20mit%20Ladeger%E4t,%20Fender%20und%20reichlich%20Tauwerk%20und%20Leinen.Das%20Schiff%20ist%20gepflegt%20und%20wenig%20gesegelt.%20Der%20Motor%20wurde%20regelm%E4%DFig%20vom%20Fachmann%20gewartet.%20Ein%20gem%FCtliches%20Schiff%20m QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+https://www.facebook.com/externalhit_uatext.php) [403 GET / HEAD Request: May 1, 2014 12:08 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 157.55.35.38 Host Name: msnbot-157-55-35-38.search.msn.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (compatible; bingbot/2.0; +https://www.bing.com/bingbot.htm) [403 GET / HEAD Request: May 2, 2014 7:58 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 157.56.229.245 Host Name: msnbot-157-56-229-245.search.msn.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (compatible; bingbot/2.0; +https://www.bing.com/bingbot.htm) [403 GET / HEAD Request: May 5, 2014 10:11 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 82.192.74.117 Host Name: hosted-by.dahhosting.nl SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (compatible; Lipperhey SEO Service; https://www.lipperhey.com/) [403 GET / HEAD Request: May 7, 2014 2:34 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 68.180.224.230 Host Name: b100106.yse.yahoo.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/xmlrpc.php?rsd QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (compatible; Yahoo! Slurp; https://help.yahoo.com/help/us/ysearch/slurp) [403 GET / HEAD Request: May 7, 2014 9:14 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 66.147.244.171 Host Name: box671.bluehost.com SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: The Incutio XML-RPC PHP Library -- WordPress/3.9 [403 GET / HEAD Request: May 7, 2014 10:08 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 66.147.244.171 Host Name: box671.bluehost.com SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: The Incutio XML-RPC PHP Library -- WordPress/3.9 [403 GET / HEAD Request: May 7, 2014 10:48 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 66.147.244.171 Host Name: box671.bluehost.com SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: The Incutio XML-RPC PHP Library -- WordPress/3.9 [403 GET / HEAD Request: May 7, 2014 10:51 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 66.147.244.171 Host Name: box671.bluehost.com SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/xmlrpc.php QUERY_STRING: HTTP_USER_AGENT: The Incutio XML-RPC PHP Library -- WordPress/3.9 [403 GET / HEAD Request: May 13, 2014 1:50 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 178.119.226.58 Host Name: 178-119-226-58.access.telenet.be SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /news/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (compatible; Genieo/1.0 https://www.genieo.com/webfilter.html)
The question was are you using the BPS Bonus Code that protects/blocks the xmlrpc.php file. All WordPress sites will have this file unless you manually delete it.
BPS does NOT effect, impact or do anything else regarding indexing/ranking/SERP’s so no BPS does not have anything to do with that.
Do you see your indexed pages using this Google search- site:your-domain-name.comIt looks like this site: jennifer-beals.com is attempting to connect with XML-RPC on your site and is being blocked. What I mean by “looks like” is there are several different IP addresses being used. That typically indicates a hacker or spammer spoofing/faking the Referer.
Overall here is the bottomline. BPS is doing its job and blocking what should be blocked. As a general rule if something is not working or is accidentally being blocked by BPS then check your Security Log for the log entry that relates directly to the plugin, theme or whatever else it is. For all the other log entries – 99.99999999999999% you do not need to do anything – BPS is doing its job.
Yes, I have the bonus custom code on my Custom code, I had forgotten all about it but it’s there..
do I really need this XML-RPc option? I remember I had the option on WP dashboard but now is not there anymore.. I thought the use of it was if I wanted to post on with the WP app on a mobile device but I hardly use it anyway
when I search for my site on site:your-domain-name.com the site appears and so does the news page where my WP installation but what it doesn’t appear at all are any of my single posts unless I manually send the Url on fetch as google on the webmaster tools… so something out there is blocking my posts
Using the Bonus Custom Code is entirely up to you. A description/explanation of what it does is in the link below.
https://forum.ait-pro.com/forums/topic/wordpress-xml-rpc-ddos-protection-protect-xmlrpc-php-block-xmlrpc-php-forbid-xmlrpc-php/Here are some things to check regarding crawling and indexing.
Do you have a sitemap/sitemap plugin?
Have you submitted a sitemap to Google?
Are you using an SEO plugin?
Are you allowing indexing of your posts and pages in that SEO plugin?
are you using a virtual robots file and/or a robots.txt file?
You need to tell Google what you want crawled and indexed or if you want to wait for a natural crawl/index it could take a long time.And of course you want to check this WordPress setting:
Settings >>> Reading >>> Search Engine Visibility >>> “Discourage search engines from indexing this site” should be UNchecked.yes, I have all the above.. I’m not using any SEO at the moment, I was using one , but it didn’t make any difference at all so I removed it
Post the URL for this site.
Also since you mention news are you doing anything regarding the Googlebot news bot?
https://support.google.com/webmasters/answer/1061943?hl=enthis is the site https://www.jennifer-beals.com/news/.. only the news pages are run on WP
the site doesn’t qualify for googlebot news, I tried and was declined
site:jennifer-beals.com shows “About 28,000 results” – 28,000 site pages crawled and indexed by Google.
site:jennifer-beals.com/news/ shows “About 217 results” – 217 site pages crawled and indexed by Google.
You do not have a problem with the sites being crawled or indexed by Google. What you mean are that your pages are not ranking well in Google. That is a completely different thing. That is called Search Engine Optimization (SEO).
The reason your pages are not ranking anywhere decent is because you have duplicate titles. You need to make a page title unique and descriptive and your content should match whatever title you choose. Pick your title from your content. I cannot fully explain SEO to you here – it would take chapters and chapters of text. SEO is simple in general. SEO that puts you in page position #1 on Google page #1 is a skill that takes practice.
the news page will rank only after a couple of days.. but not the post itself
where does the title for my content goes? I have a title on the general settings and it doesn’t change.. is there anywhere else I need to change it to avoid duplicate titles?
A Title is not a slug/URL it is a meta tag. You do not need to change anything about your slugs/URL’s for each post and doing something like that would cause major problems. What you should do is below.
Install the All in One SEO plugin. After installing that plugin you will see text boxes below each of your posts where you can enter a Title, a Description and Keywords. Go through each of your Posts and add a Title in the All in One SEO plugin Title text box. After you are done doing this for all of your Posts, resubmit your Sitemap with whatever Sitemap plugin you are using.
In my experience, you only need to add a Title and not a Description or Keywords. Google will grab relevant content from each post for the Description. Keywords are a thing of the past and are not really looked at anymore.
I had installed FV simpler SEO, which is a simplified version of All in One SEO pack, I entered title, descriptions , keywords in the boxes and it did absolutely nothing :/
When picking a Title you are picking a search term. The Title is what shows up in Google search results and is also the primary search term that people will most likely use. You want to pick a search term/Title that people are actually going to search for. The Title must also match the main focus of your Post and for best results either use an exact sentence that is the primary focus of your Post or use a Title that contains all of your primary search target keywords. Your primary keywords always need to be in your Title for best ranking.
Example:
Title: Best Tool to Search for Jiolre on Planet Breuity are Huyts
Post content: huyts are the best tool to use on planet breuity when searching for jiolre. watch out for guioy’s they are ferocious predators. wear a terui when searching for jiolre on planet breuity or you will get uiplk sickness.
I had installed FV simpler SEO, which is a simplified version of All in One SEO pack, I entered title, descriptions , keywords in the boxes and it did absolutely nothing :/
Then either you did something wrong or you did not wait long enough for Google to reindex your Posts. A new Post will be indexed in about 3-6 days. An old Post that already exists could take up to a month to be reindexed by Google and the new reindexed search result to show in Google search results.
I have never used that plugin so I cannot offer any specific help with that plugin. You would need to check with that plugin author about his/her plugin.
- The topic ‘Security log query’ is closed to new replies.