As the security freak of the company, I often find gems in access or errorlogs. Sometimes a plain old scanner, sometimes very sophisticated spiders. What most of the payloads have in common is: they are oftentimes obfuscated, ‘optimised’, encoded and what not. We recently began using modsecurity more aggressively and immediately the logs began filling […]