HEX
Server: Apache
System: Linux node154.myfcloudtx.com 5.14.0-362.24.1.el9_3.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Mar 20 04:52:13 EDT 2024 x86_64
User: redrockb (1005)
PHP: 8.1.33
Disabled: NONE
Upload Files
File: /home/redrockb/.bash_history
#1689852107
hosts
#1689852109
prop
#1705304745
ll
#1705304760
cd t
#1705304766
cd public_html/
#1705304768
ll
#1705304772
cd techniksgroup.com.au/
#1705304777
wp user list
#1724899748
cd public_html/
#1724899748
ll
#1724899755
du -sh techniksgroup.com.au
#1724899763
cd techniksgroup.com.au/
#1724899764
ll
#1724899769
grep -i db wp-config.php
#1724899789
mysqldump -u'redrockb_wp248' -p redrockb_wp248 > redrockb_wp248-BKP.sql
#1724899799
ls -lah
#1724899800
cd ..
#1724899801
ll
#1724899818
tar -zcvf techniksgroup.com.au-BKP.tar.gz techniksgroup.com.au
#1724900694
ll
#1724900703
mv techniksgroup.com.au-BKP.tar.gz techniksgroup.com.au/
#1784021101
grep "13/Jul/2026" /var/log/httpd/modsec_error.log | grep -E "spectra|admin.php|foundationwebdevelopments"
#1784021101
Use code with caution.Alternative Audit Log Path (Detailed view):bashgrep -A 5 "13/Jul/2026" /usr/local/apache/logs/modsec_audit.log | grep -E "spectra|admin.php"
#1784021101
Use code with caution.For Nginx servers:bashgrep "13/Jul/2026" /var/log/nginx/error.log | grep "modsecurity"
#1784021101
Use code with caution.🐘 2. Search PHP & WordPress Error Logs (Script Crashes)If ModSecurity didn't block it, a PHP fatal error did. These commands extract errors generated on July 13th.Search the native WordPress debug log:bashgrep "13-Jul-2026" /home/username/public_html/wp-content/debug.log
#1784021101
Use code with caution.(Note: Replace /home/username/public_html/ with your actual website root directory path).Search the standard cPanel PHP error log:bashgrep "13-Jul-2026" /home/username/public_html/error_log | grep -i "fatal"
#1784021101
Use code with caution.Search system-wide PHP-FPM logs (If you have root access):bashgrep "13-Jul-2026" /var/log/php-fpm/www-error.log
#1784021101
Use code with caution.💡 Quick Tip for Reading the OutputWhen you run the ModSecurity commands, keep an eye out for a string that looks like [id "9xxxxx"]. That ID number is the exact firewall rule breaking your Spectra plugin layout loading.If these commands return any lines of text, copy and paste those lines right here so we can identify the exact rule or broken file to whitelist!
#1784021111
grep "13/Jul/2026" /var/log/httpd/modsec_error.log | grep -E "spectra|admin.php|foundationwebdevelopments"
#1784021127
grep "13-Jul-2026" /home/username/public_html/error_log | grep -i "fatal"
#1784021143
find ~ -type f \( -name "error_log" -o -name "debug.log" \)
#1784021181
grep "13-Jul-2026" /home/redrockb/://kellyskraft.com /home/redrockb/://kellyskraft.com /home/redrockb/kellyskraft.com/wp-includes/error_log 2>/dev/null
#1784021190
find /home/redrockb/kellyskraft.com/ -name "error_log" -exec grep "13-Jul-2026" {} + 2>/dev/null
#1784021215
grep "13/Jul/2026" ~/logs/*error_log* | grep -E "spectra|admin.php"
#1784021224
grep "13-Jul-2026" ~/public_html/wp-content/debug.log
#1784021246
find /home/redrockb/://kellyskraft.com -name "error_log" -exec grep "13-Jul-2026" {} + 2>/dev/null
#1784021260
grep "13-Jul-2026" ~/public_html/error_log | grep -iE "spectra|admin.php"
#1784021268
grep "13-Jul-2026" ~/public_html/wp-content/debug.log