root@test:/var/log/nginx# wget -qO – icanhazip.com
www.xxx.yyy.zzz
root@test:/var/log/nginx# wget -qO- http://ipecho.net/plain | xargs echo
www.xxx.yyy.zzz
root@test:/var/log/nginx# wget -qO – icanhazip.com
www.xxx.yyy.zzz
root@test:/var/log/nginx# curl icanhazip.com
www.xxx.yyy.zzz
root@test:/var/log/nginx#
Category Archives: Security
An appropriate representation of the requested resource /wp-admin/options-permalink.php could not be found on this server.
Not Acceptable
An appropriate representation of the requested resource /wp/wp-admin/options-permalink.php could not be found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
I was getting below error, I believe it is to do with mod_security.
I have tested this by putting below entry in my .htaccess, But unfortunalty does not work for me, so raise a support ticket and disabled with hosting provider.
<IfModule mod_security.c>
SecFilterEngine Off
</IfModule>
You sure can do it manually. I am trying to find out why the page is blank too, but in the mean time I have manually altered the setting in PHPMyAdmin.
1. Go in to PHPMyAdmin
2. In the sidebar on the left select wp_options
3. Go to Page number: 2
4. click the pencil on the link with permalink_structure
5. In the big box next to option_value
and input /%postname%
OSSEC v2.0 commands
ossec-reportd is a program to create reports from OSSEC alerts. ossec-reportd accepts alerts on stdin, and outputs a report on stderr.
Note
Since ossec-reportd outputs to stderr some utilities like less will not work if you do not redirect the output. End the ossec-reportd with 2>&1 to redirect stderr to stdout. more or less can be easily used after the stderr redirect.
ossec-reportd argument options
-h
Display the help message
-f <filter> <value>
Filter the results.
-r <filter> <value>
Show related entries.
-n <string>
Create a description for the report.
-s
Show the alerts related to the summary.
ossec-reportd example usage
Example 1: Show Successful Logins
# cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -f group authentication_success
Example 2: Show Alerts Level 10 and Greater
# cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -f level 10
Example 3: Show the srcip for all users
# cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -f group authentication -r user srcip
Example 4: Show Changed files as reported by Syscheck
# cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -f group syscheck -r location filename
Example output
# cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd 2>&1 | more
2011/07/11 21:01:36 ossec-reportd: INFO: Started (pid: 1444).
2011/07/11 21:01:41 ossec-reportd: INFO: Report completed. Creating output…
Report completed. ==
————————————————
->Processed alerts: 17
->Post-filtering alerts: 17
->First alert: 2011 Jul 11 00:00:46
->Last alert: 2011 Jul 11 00:16:52
……………………………………………………………………………
…………………………………………………………………………………………………….
In case you have not had a chance to check it out OSSEC v2.0 added a command-line “reporting” tool. It is great for checking to see if agents, syslog etc is actually making it into OSSEC|OSSIM without having to install the web gui on OSSIM.
Note: These commands are from the OSSEC tutorial but I have made a change in the path to the ossec-reportd binary:
_________________________________________________________
Show all IP addresses/users that logged in during the day
cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -n “Logins summary” -f group authentication_success
_________________________________________________________
Show all IP addresses/users that logged in during the day and related srcips locations for each user
cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -n “Logins summary” -f group authentication_success -r user srcip -r user location
_________________________________________________________
Show all multiple authentication failures (brute force attacks)
cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -n “Failures summary” -f group authentication_failures
_________________________________________________________
Show a summary for the month (or day) <July 2009>
zcat /var/ossec/logs/alerts/2009/Jul/*.gz | /var/ossec/bin/ossec-reportd -n “Month Summary”