Welcome to WebmasterWorld Guest from 22.214.171.124
Forum Moderators: open
I think the only functionality I need is the ability for user to click on links to other web pages, and a link to activate a phone call when viewed on a smartphone.Then why on earth are the sites on WordPress (or any CMS) in the first place? The teeny-tiny savings to the site administrators in not having to master a few words of HTML are vastly outweighed by the extra burden on both the server and the user’s browser--and, as you’ve found, by security vulnerabilities.
Q. What "raw access logs" are you using?There’s no “What” about it. The significance of raw access logs is that they are just as the server generated them--not processed through some third-party utility or analytics. Logs are plain-text files that can be opened in any text editor.
The reason I have used Wordpress to design so many sites, is because I have needed the functionality in the past.
The significance of raw access logs is that they...Thanks for the heads up about these files. I downloaded some last night. I noticed that they only show the logs for the current day. However I have now checked a box in my CP activating the archiving of the logs. Good lesson learned for next time.
These can be .php, .js or any remotely hosted scripts
Edit: I was going to paste-in an even more nefarious-looking log example, but it was SO nefarious, it triggered the present site's 403 response!
Hahaha Show us the nefarious!Put it this way: after disencoding all the percents, part of the request was
and then the contents to put. You can see the server's point. The User-Agent also contained a bunch of braces and backslashes, so it is not surprising that it got a 418 from mod_security.