BFM does not block X-Forwarded-For

mjheidari

Hi.
BFM and ModSecurity (CWAF) do not block the X-Forwarded-For IP; they block the main IP (remote_address).
For example:

X.X.X.X # BFM: mod_security2=50 (NL/Netherlands/-) - Tue Dec 6 13:24:57 2022

ModSecurity log:
{"transaction":{"time":"6/Dec/2022:13:24:57.102197 +0830","transaction_id":"Y5Wa1t2Rfi8Iu4-WbF30QAAAAGY","remote_address":"X.X.X.X","remote_port":9612,"local_address":"....","local_port":80},"request":{"request_line":"GET /.env HTTP/1.1","headers":{"Host":"......com","Accept-Encoding":"gzip, deflate","X-Real-IP":"Y.Y.Y.Y","X-Forwarded-Proto":"http","X-Forwarded-Port":"80","X-Forwarded-For":"Y.Y.Y.Y","User-Agent":"Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0","Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8","Accept-Language":"en-US,en;q=0.5","Upgrade-Insecure-Requests":"1"}},"response":{"protocol":"HTTP/1.1","status":403,"headers":{"Content-Length":"199","Connection":"close","Content-Type":"text/html; charset=iso-8859-1"}},"audit_data":{"messages":["Access denied with code 403 (phase 1). Matched phrase \"/.env\" at REQUEST_URI. [file \"/usr/local/cwaf/rules/02_Global_Generic.conf\"] [line \"120\"] [id \"210492\"] [rev \"3\"] [severity \"CRITICAL\"] [tag \"CWAF\"] [tag \"Generic\"]"],"error_messages":["[file \"apache2_util.c\"] [line 273] [level 3] [client X.X.X.X] ModSecurity: Access denied with code 403 (phase 1). Matched phrase \"/.env\" at REQUEST_URI. [file \"/usr/local/cwaf/rules/02_Global_Generic.conf\"] [line \"120\"] [id \"210492\"] [rev \"3\"] [severity \"CRITICAL\"] [tag \"CWAF\"] [tag \"Generic\"] [hostname \".....com\"] [uri \"/.env\"] [unique_id \"Y5Wa1t2Rfi8Iu4-WbF30QAAAAGY\"]"],"action":{"intercepted":true,"phase":1,"message":"Matched phrase \"/.env\" at REQUEST_URI."},"stopwatch":{"p1":493,"p2":0,"p3":0,"p4":0,"p5":30,"sr":176,"sw":1,"l":0,"gc":0},"producer":["ModSecurity for Apache/2.9.5 (http://www.modsecurity.org/)","CWAF_Apache"],"server":"Apache/2","engine_mode":"ENABLED"}}
When remote_address is exactly x.x.x.x, I want BFM or ModSecurity to block the X-Forwarded-For IP.
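The selection rule asked for above, as an added example that is not part of the original post and is not BFM or ModSecurity code: given one JSON audit entry shaped like the log in the post, it returns the X-Forwarded-For client only when remote_address is a known proxy, and remote_address otherwise. The names TRUSTED_PROXIES, ip_to_block and sample_entry and the address 192.0.2.10 are assumptions made for illustration.

```python
import ipaddress
import json

# Assumption: addresses of the reverse proxies you run (constructed sample value).
TRUSTED_PROXIES = [ipaddress.ip_network("192.0.2.10/32")]

def _parse_ip(text):
    try:
        return ipaddress.ip_address(text.strip())
    except ValueError:
        return None

def _is_trusted(ip):
    return any(ip in net for net in TRUSTED_PROXIES)

def ip_to_block(audit_line):
    """Pick the address to block for one ModSecurity JSON audit entry, or None."""
    entry = json.loads(audit_line)
    action = entry.get("audit_data", {}).get("action", {})
    if not action.get("intercepted"):
        return None
    peer = _parse_ip(entry["transaction"]["remote_address"])
    if peer is None:
        return None
    if not _is_trusted(peer):
        # Direct connection: X-Forwarded-For is client-supplied, so ignore it.
        return str(peer)
    headers = {k.lower(): v for k, v in entry["request"]["headers"].items()}
    # Proxies append to the header, so walk right to left and take the first
    # hop that is not one of our own proxies.
    for hop in reversed(headers.get("x-forwarded-for", "").split(",")):
        ip = _parse_ip(hop)
        if ip is None:
            return None  # missing or malformed chain: block nothing
        if not _is_trusted(ip):
            return str(ip)
    return None  # only our proxies in the chain: never block them

def sample_entry(remote, xff=None, intercepted=True):
    """Build a constructed audit entry with only the fields used above."""
    headers = {"Host": "example.test"}
    if xff is not None:
        headers["X-Forwarded-For"] = xff
    return json.dumps({
        "transaction": {"remote_address": remote},
        "request": {"request_line": "GET /.env HTTP/1.1", "headers": headers},
        "audit_data": {"action": {"intercepted": intercepted, "phase": 1}},
    })
```

Honouring the header only from listed proxies matters because any direct client can send its own X-Forwarded-For value and would otherwise choose which address gets blocked.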