Hi, since a week or so i get these messages in the manager log:
[2018-11-14 02:41:45] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'somepage.html\'>title somepage</a> ')
[2018-11-14 02:41:45] (ERROR @ /home/jolien/domains/geheelnatuurlijk.nl/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'somepage.html\'>title somepage</a> ' OR 'somepage.html\'>title somepage</a> ' REGEXP `modRedirect`.`pattern` OR 'somepage.html\'>title somepage</a> ' REGEXP CONCAT('^', `modRedirect`.`pattern`, '$'))
[2018-11-14 02:41:47] (ERROR @ /home/USER/domains/DOMAIN/core/xpdo/om/xpdoquery.class.php : 380) SQL injection attempt detected: (`modRedirect`.`pattern` = 'webpage.html\'>Webpage title</a> other text in sentence' OR 'webpage.html\'>Webpage title</a> other text in sentence' REGEXP `modRedirect`.`pattern` OR 'webpage.html\'>Webpage title</a> other text in sentence' REGEXP CONCAT('^', `modRedirect`.`pattern`, '$'))
Where 'USER', 'DOMAIN', 'sompage.html', 'webpage.html', 'title somepage' and 'other text in sentence' are edited by me but existant.
Has anyone got any ideas what is happening here. I can see they try to escape a quote. But what i can do to block this??