OVH Community, votre nouvel espace communautaire.

Blocage HTTP de votre site


outrefranc
16/11/2015, 20h38
Il faut faire vachement gaffe avec les CMS. WP est un bon truc, mais il y a des plug-ins qui sont vérolés. On les installe en un clic, mais on ne sait pas ce que ça installe en fait. Après, on a des surprises.

krapoo
16/11/2015, 19h52
Après quelques recherches plus approfondies, j'ai vu que c'était grâce à l'extension extrawatch et le fait que wordpress ne soit pas à jour que je me suis fait hacké.
J'ai fait une restauration de mon blog à une semaine, mis à jour wordpress, supprimé l'extension en question, et je pense que cela devrait règler les soucis.

merci

Ludo.H
16/11/2015, 18h46
Bonjour,

Je vois que votre site est bien bloqué.
Après une courte recherche je vois que votre site est hacké par un php-shell : /homez.734/gregarou/www/wp-content/plugins/wp-db-backup-made/system.php

Merci de faire le ménage.
Le mieux serait de réinstaller wordpress et de changer vos identifiants de connection à wordpress.
Voir de modifier aussi vos identifiants FTP.

Vous êtes bloqué par un "chmod 700" de répertoire "www".
Vous pourrez vous débloquer en appliquant un "chmod 705" de ce même répertoire.

Cdt,

krapoo
16/11/2015, 18h17
Bonjour,

J'ai un blog de voyage, que je met régulièrement à jour. L'adresse est http://greg-aroundtheworld.com
J'ai reçu le 12/11/2015 un message de OVH me disant :

Problème rencontré : Executing deleted program
Commande apparente : ././crond
Exécutable utilisé : /homez.734/*******/www/wp-includes/js/tinymce/langs/.nfs000000000031b05100008f64
Horodatage: 2015-11-12 12:05:17

Ceci n'est pas autorisé sur nos installations,
car c'est une tentative potentielle de piratage.

Si ce n'est pas vous qui avez lancé ce script, cela signifie
qu'il y a une faille sur votre site et qu'un hacker s'en
est servi pour réaliser cette opération.

Nous avons désactivé l'accès web temporairement pour éviter tout
risque de nouveau piratage.


Mon site est donc bloqué.

J'ai essayé de suivre les directives d'OVH ( https://www.ovh.com/fr/g1392.procedu...le_de_securite )

J'ai regardé les logs comme indiqué dans les directives, je vois effectivement des commandes "POST", mais je ne sais pas quoi en faire.

C'est pourquoi, je viens ici demander votre aide.

Le site ayant été bloqué a 12:05 le 12/11/2015, je vous copie ici le log avant cette heure ci.

46.158.62.179 greg-aroundtheworld.com - [12/Nov/2015:11:30:26 +0100] "GET / HTTP/1.1" 200 36569 "http://greg-aroundtheworld.com/" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0"
213.186.33.3 greg-aroundtheworld.com - [12/Nov/2015:11:30:28 +0100] "POST /wp-cron.php?doing_wp_cron=1447324228.3097460269927978 515625 HTTP/1.0" 200 - "-" "WordPress/3.5; http://greg-aroundtheworld.com"
46.158.62.179 greg-aroundtheworld.com - [12/Nov/2015:11:30:28 +0100] "GET /index.php HTTP/1.1" 301 - "http://greg-aroundtheworld.com/index.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0)"
46.158.62.179 greg-aroundtheworld.com - [12/Nov/2015:11:30:28 +0100] "GET / HTTP/1.1" 200 36569 "http://greg-aroundtheworld.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322)"
93.73.208.195 greg-aroundtheworld.com - [12/Nov/2015:11:44:48 +0100] "GET /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 120 "-" "-"
93.73.208.195 greg-aroundtheworld.com - [12/Nov/2015:11:44:48 +0100] "POST /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 110 "-" "-"
213.186.33.3 greg-aroundtheworld.com - [12/Nov/2015:11:45:12 +0100] "POST /wp-cron.php?doing_wp_cron=1447325112.1697330474853515 625000 HTTP/1.0" 200 - "-" "WordPress/3.5; http://greg-aroundtheworld.com"
40.77.167.1 greg-aroundtheworld.com - [12/Nov/2015:11:45:11 +0100] "GET /robots.txt HTTP/1.1" 404 5477 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
93.73.208.195 greg-aroundtheworld.com - [12/Nov/2015:11:53:03 +0100] "GET /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 120 "-" "-"
93.73.208.195 greg-aroundtheworld.com - [12/Nov/2015:11:53:04 +0100] "POST /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 110 "-" "-"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:58:40 +0100] "GET /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 120 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:58:41 +0100] "POST /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 14111 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:58:42 +0100] "POST /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 99940 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:58:49 +0100] "POST /wp-includes/pomo/po.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:58:50 +0100] "POST /wp-content/plugins/wp-super-cache/plugins/awaitingmoderation.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:58:51 +0100] "POST /wp-includes/feed-rss2-comments.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:58:58 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/view/goal.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:58:59 +0100] "POST /wp-content/themes/bigsquare/404.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:00 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/lang/italian.utf-8.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:01 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/interface.extrawatch.dbwrap.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:02 +0100] "POST /wp-includes/category-template.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:03 +0100] "POST /wp-content/themes/twentyeleven/sidebar-page.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:05 +0100] "POST /wp-content/themes/bigsquare/functions.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:06 +0100] "POST /wp-content/themes/twentytwelve/category.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:07 +0100] "POST /wp-includes/SimplePie/Misc.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:08 +0100] "POST /wp-content/themes/twentytwelve/index.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:09 +0100] "POST /wp-includes/theme-compat/footer.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:10 +0100] "POST /wp-content/themes/twentytwelve/search.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:11 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/prestashop/extrawatch.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:13 +0100] "POST /wp-includes/js/tinymce/langs/wp-langs.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:14 +0100] "POST /wp-includes/media-template.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:15 +0100] "POST /wp-content/themes/bigsquare/libs/config/options.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:16 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/class.extrawatch.env.request.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:17 +0100] "POST /db.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:18 +0100] "POST /wp-content/plugins/extrawatch/src/inc.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:19 +0100] "POST /wp-content/plugins/traffic-manager/core/js/title.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:21 +0100] "POST /wp-includes/js/tinymce/ajax.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:22 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/magento/module/app/design/frontend/base/default/lib.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:23 +0100] "POST /wp-content/plugins/traffic-manager/lang/system.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:24 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/data/user-agent/search.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:25 +0100] "POST /wp-includes/images/crystal/proxy.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:26 +0100] "POST /wp-includes/js/tinymce/plugins/wpview/page.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:27 +0100] "POST /wp-includes/images/smilies/db.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:29 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/magento/module/app/code/community/CodeGravity/ExtraWatch/Helper/user.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:30 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/css/ui-lightness/test.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:31 +0100] "POST /wp-includes/js/tinymce/plugins/wplink/blog.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:32 +0100] "POST /wp-includes/pomo/general.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:33 +0100] "POST /wp-content/uploads/2014/08/cache.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:34 +0100] "POST /wp-content/themes/bigsquare/libs/files.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:35 +0100] "POST /wp-includes/images/smilies/code.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:37 +0100] "POST /wp-content/themes/twentyeleven/images/headers/footer.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:38 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/magento/app/etc/dirs.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:39 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/test/gui/dir.php HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:43 +0100] "POST /wp-includes/js/swfupload/error.php HTTP/1.1" 200 32 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:44 +0100] "POST /wp-content/uploads/2013/09/code.php HTTP/1.1" 200 32 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:45 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/prestashop/module/xml.php HTTP/1.1" 200 32 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:46 +0100] "POST /wp-content/upgrade/info.php HTTP/1.1" 200 32 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
197.242.69.165 greg-aroundtheworld.com - [12/Nov/2015:11:59:47 +0100] "POST /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 29222 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
50.62.208.37 greg-aroundtheworld.com - [12/Nov/2015:12:00:14 +0100] "POST /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 211 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
74.220.207.136 greg-aroundtheworld.com - [12/Nov/2015:12:00:25 +0100] "POST /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 87 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
166.62.93.36 greg-aroundtheworld.com - [12/Nov/2015:12:00:30 +0100] "POST /wp-content/plugins/cimy-header-image-rotator/langs/model.php HTTP/1.1" 200 - "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
97.74.215.49 greg-aroundtheworld.com - [12/Nov/2015:12:00:39 +0100] "POST /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 71 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
5.135.186.187 greg-aroundtheworld.com - [12/Nov/2015:12:00:46 +0100] "POST /wp-content/plugins/cimy-header-image-rotator/langs/model.php HTTP/1.1" 200 - "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0"
74.220.215.208 greg-aroundtheworld.com - [12/Nov/2015:12:00:49 +0100] "POST /wp-content/plugins/cimy-header-image-rotator/langs/model.php HTTP/1.1" 200 - "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) U2/1.0.0 UCBrowser/9.3.1.344"
66.147.244.156 greg-aroundtheworld.com - [12/Nov/2015:12:00:51 +0100] "POST /wp-content/header-images/dump71.php HTTP/1.1" 200 - "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
50.62.161.95 greg-aroundtheworld.com - [12/Nov/2015:12:00:16 +0100] "POST /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 200 96 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
74.208.152.230 greg-aroundtheworld.com - [12/Nov/2015:12:00:22 +0100] "GET /wp-content/plugins/cimy-header-image-rotator/langs/model.php HTTP/1.1" 200 49 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36"
184.168.27.127 greg-aroundtheworld.com - [12/Nov/2015:12:00:28 +0100] "GET /wp-content/plugins/akismet/class.akismet-widget.php HTTP/1.1" 403 253 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36"
123.30.95.164 greg-aroundtheworld.com - [12/Nov/2015:12:00:37 +0100] "POST /wp-content/plugins/cimy-header-image-rotator/langs/model.php HTTP/1.1" 200 - "-" "Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26"
182.50.130.28 greg-aroundtheworld.com - [12/Nov/2015:12:00:41 +0100] "GET /wp-content/header-images/dump71.php HTTP/1.1" 200 49 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36"
50.23.210.133 greg-aroundtheworld.com - [12/Nov/2015:12:00:48 +0100] "POST /wp-includes/js/tinymce/langs/wp-langs.php HTTP/1.1" 200 93 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
66.147.244.239 greg-aroundtheworld.com - [12/Nov/2015:12:00:53 +0100] "POST /wp-content/header-images/dump71.php HTTP/1.1" 200 - "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:02:59 +0100] "GET /wp-content/plugins/wp-db-backup-made/system.php HTTP/1.1" 403 249 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:02:59 +0100] "POST /wp-content/plugins/extrawatch/src/inc.php HTTP/1.1" 403 243 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:02:59 +0100] "POST /wp-includes/js/tinymce/langs/wp-langs.php HTTP/1.1" 403 243 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:02:59 +0100] "POST /wp-content/plugins/traffic-manager/core/js/title.php HTTP/1.1" 403 254 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:00 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/css/ui-lightness/test.php HTTP/1.1" 403 283 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:00 +0100] "POST /wp-includes/feed-rss2-comments.php HTTP/1.1" 403 236 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:00 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/interface.extrawatch.dbwrap.php HTTP/1.1" 403 297 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:00 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/data/user-agent/search.php HTTP/1.1" 403 284 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:01 +0100] "POST /wp-content/themes/twentytwelve/search.php HTTP/1.1" 403 243 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:01 +0100] "POST /db.php HTTP/1.1" 403 208 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:01 +0100] "POST /wp-includes/images/smilies/db.php HTTP/1.1" 403 235 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:01 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/magento/module/app/code/community/CodeGravity/ExtraWatch/Helper/user.php HTTP/1.1" 403 338 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:02 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/test/gui/dir.php HTTP/1.1" 403 274 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:02 +0100] "POST /wp-includes/category-template.php HTTP/1.1" 403 235 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:02 +0100] "POST /wp-content/themes/bigsquare/functions.php HTTP/1.1" 403 243 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:02 +0100] "POST /wp-includes/js/tinymce/plugins/wplink/blog.php HTTP/1.1" 403 248 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:03 +0100] "POST /wp-content/themes/bigsquare/404.php HTTP/1.1" 403 237 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:03 +0100] "POST /wp-content/themes/bigsquare/libs/config/options.php HTTP/1.1" 403 253 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:03 +0100] "POST /wp-includes/images/crystal/proxy.php HTTP/1.1" 403 238 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:03 +0100] "POST /wp-content/themes/twentyeleven/sidebar-page.php HTTP/1.1" 403 249 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:04 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/magento/module/app/design/frontend/base/default/lib.php HTTP/1.1" 403 321 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:04 +0100] "POST /wp-content/themes/bigsquare/libs/files.php HTTP/1.1" 403 244 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:04 +0100] "POST /wp-content/plugins/wp-super-cache/plugins/awaitingmoderation.php HTTP/1.1" 403 266 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:04 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/view/goal.php HTTP/1.1" 403 271 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:05 +0100] "POST /wp-includes/js/tinymce/plugins/wpview/page.php HTTP/1.1" 403 248 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:05 +0100] "POST /wp-includes/js/tinymce/ajax.php HTTP/1.1" 403 233 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:05 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/lang/italian.utf-8.php HTTP/1.1" 403 280 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:05 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/prestashop/extrawatch.php HTTP/1.1" 403 291 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:06 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/magento/app/etc/dirs.php HTTP/1.1" 403 290 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:06 +0100] "POST /wp-includes/theme-compat/footer.php HTTP/1.1" 403 237 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:06 +0100] "POST /wp-includes/pomo/po.php HTTP/1.1" 403 225 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:06 +0100] "POST /wp-includes/media-template.php HTTP/1.1" 403 232 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:07 +0100] "POST /wp-content/uploads/2014/08/cache.php HTTP/1.1" 403 238 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:07 +0100] "POST /wp-content/themes/twentytwelve/index.php HTTP/1.1" 403 242 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:07 +0100] "POST /wp-content/plugins/extrawatch/components/com_extrawatch/src/env/class.extrawatch.env.request.php HTTP/1.1" 403 298 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:07 +0100] "POST /wp-content/plugins/traffic-manager/lang/system.php HTTP/1.1" 403 252 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:08 +0100] "POST /wp-includes/images/smilies/code.php HTTP/1.1" 403 237 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:08 +0100] "POST /wp-includes/SimplePie/Misc.php HTTP/1.1" 403 232 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:08 +0100] "POST /wp-content/themes/twentyeleven/images/headers/footer.php HTTP/1.1" 403 258 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:08 +0100] "POST /wp-includes/pomo/general.php HTTP/1.1" 403 230 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
91.238.228.5 greg-aroundtheworld.com - [12/Nov/2015:12:03:09 +0100] "POST /wp-content/themes/twentytwelve/category.php HTTP/1.1" 403 245 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
66.147.244.151 greg-aroundtheworld.com - [12/Nov/2015:12:04:00 +0100] "GET /wp-content/plugins/cimy-header-image-rotator/langs/model.php HTTP/1.1" 403 262 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0"
J'ai bien conscience que si une attaque a été possible c'est parce que je n'ai pas maintenu wordpress à jour.
J'utilise un thème "bigsquare" qui n'était pas mis à jour pour les nouvelles versions de wordpress, c'est pourquoi je suis encore en version 3.5

Si j'arrive à débloquer la situation, je passerai sur une version plus récente, c'est certain.

Merci de votre aide