[root@xxxx-xxxx logs]# grep 'POST' access_log.processed | tail -5
XX.XX.XX.XX - - [13/Dec/2016:06:39:50 +0100] "POST /core/model/modx/modchunk.class.php HTTP/1.0" 403 1228 "http://www.mydomain.com/core/model/modx/modchunk.class.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/XX.XX.XX.XX Safari/537.36"
XX.XX.XX.XX - - [13/Dec/2016:06:40:33 +0100] "POST /f2ab3.php HTTP/1.0" 500 17376 "http://mydomain.com/f2ab3.php" "Mozilla/5.0 (X11; U; Linux i686; en-US) U2/1.0.0 UCBrowser/XX.XX.XX.XX"
XX.XX.XX.XX - - [13/Dec/2016:06:41:14 +0100] "POST /assets/components/nospam/js/cache18.php HTTP/1.0" 200 245 "http://www.mydomain.com/assets/components/nospam/js/cache18.php" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0"
XX.XX.XX.XX - - [13/Dec/2016:06:41:25 +0100] "POST /core/model/modx/jsonrpc/search1.php HTTP/1.0" 403 1228 "http://www.mydomain.com/core/model/modx/jsonrpc/search1.php" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0"
XX.XX.XX.XX - - [13/Dec/2016:08:46:19 +0100] "POST /fltwpqc HTTP/1.1" 200 322 "http://mydomain.com/fltwpqc" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/XX.XX.XX.XX Safari/537.36"
XX.XX.XX.XX - - [14/Dec/2016:09:20:34 +0100] "GET /blogg/2014/09/02/my-blog-post-title--2014/blogg/blogg/tags/blogg/blogg/tags/blogg/blogg/2014/09/02/my-blog-post-title-2014/blogg/blogg/tjanster/blogg/blogg/tjanster/blogg/blogg/tags/grafisk+profil HTTP/1.1" 404 1229 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:26.1) Gecko/20100101 Firefox/26.0"
This question has been answered by sketchi. See the first response.
These files were found on the site that was hacked yesterday:
[2016-12-14 11:40:26] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:26] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:26] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(): Failed opening '/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php' for inclusion (include_path='.:/usr/local/php5619-cgi/pear') [2016-12-14 11:40:26] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/xpdo/om/xpdoobject.class.php : 811) modTemplateVar: Attempt to set NOT NULL field type to NULL [2016-12-14 11:40:26] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/xpdo/om/xpdoobject.class.php : 811) modTemplateVar: Attempt to set NOT NULL field type to NULL [2016-12-14 11:40:27] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/xpdo/om/xpdoobject.class.php : 811) modTemplateVar: Attempt to set NOT NULL field type to NULL [2016-12-14 11:40:27] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:27] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:27] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(): Failed opening '/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php' for inclusion (include_path='.:/usr/local/php5619-cgi/pear') [2016-12-14 11:40:43] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:43] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:43] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(): Failed opening '/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php' for inclusion (include_path='.:/usr/local/php5619-cgi/pear') [2016-12-14 11:40:44] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:44] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:44] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(): Failed opening '/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php' for inclusion (include_path='.:/usr/local/php5619-cgi/pear') [2016-12-14 11:40:46] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:46] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:46] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(): Failed opening '/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php' for inclusion (include_path='.:/usr/local/php5619-cgi/pear') [2016-12-14 11:40:46] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:46] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php): failed to open stream: Filen eller katalogen finns inte [2016-12-14 11:40:46] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/cache/includes/elements/modplugin/11.include.cache.php : 2) PHP warning: include(): Failed opening '/var/www/vhosts/mydomain.com/httpdocs/core//components/nospam/nospam.plugin.php' for inclusion (include_path='.:/usr/local/php5619-cgi/pear')
[2016-12-14 12:50:26] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/xpdo/om/xpdoobject.class.php : 811) modTemplateVar: Attempt to set NOT NULL field type to NULL
[2016-12-14 12:42:52] (ERROR @ /var/www/vhosts/mydomain.com/httpdocs/core/xpdo/xpdo.class.php : 1259) Problem getting service quip, instance of class Quip, from path /var/www/vhosts/mydomain.com/httpdocs/core/components/quip/model/quip/