That doesnt look like an attack, that looks like a misconfiguration. This:
mmap cache can't open /var/www/vhosts/somedomain.org/httpdocs/var/compiled/mail/%%B2^B27^B27F06E6%%order_notification_subj.tpl.php - Permission denied (pid 19211)
Looks like the domain is setup to generate php opcode and to store it in the subdirectory /var/compiled/mail/, and it cant open the compiled opcode in that directory. Are the permissions on that directory setup to allow your webserver to read (and probably also write) to/from that directory?