Attacks on a website can take many forms, but the most common form of attack through a vulnerable extension is like this

{jb_redbox}
Host: xxx4377.ovh.net
/phpgedview/individual.php?pid=I7&ged=family.ged%20%20//phpGedView/help_text_var.php?cmd=dir&PG
Http Code: 404     Date: May 04 12:20:26     Http Version: HTTP/1.1     Size in Bytes: -
Referer: -
Agent: Mozilla/5.0 {/jb_redbox}

or


{jb_redbox}

Host: 91.xxx.xx.xx
/option=com_spsnewsletter&controller=../../../../../../../../../../../../../../../proc/self/environ%00
Http Code: 403     Date: May 02 19:55:33     Http Version: HTTP/1.1     Size in Bytes: -
Referer: -
Agent: libwww-perl/5.808

 {/jb_redbox}

This can sometimes be overcome or defeated by blocking the bot, in this case the libwww bot

SetEnvIfNoCase User-Agent "^EmailSiphon" bad_bot
SetEnvIfNoCase User-Agent "^EmailWolf" bad_bot
SetEnvIfNoCase User-Agent "^ExtractorPro" bad_bot
SetEnvIfNoCase User-Agent "^CherryPicker" bad_bot
SetEnvIfNoCase User-Agent "^NICErsPRO" bad_bot
SetEnvIfNoCase User-Agent "^Teleport" bad_bot
SetEnvIfNoCase User-Agent "^EmailCollector" bad_bot
SetEnvIfNoCase User-Agent "^LinkWalker" bad_bot
SetEnvIfNoCase User-Agent "^Zeus" bad_bot
SetEnvIfNoCase User-Agent "^Libwww-perl" bad_bot
SetEnvIfNoCase User-Agent "^DataCha0s/2.0" bad_bot


Order Allow,Deny
Allow from all
Deny from env=bad_bot