shinjuke Posted May 10, 2021 Share Posted May 10, 2021 What are some malicious visitor activities and what are some typical benign web crawler activities? I recognize some ZmEu access, /HNAP1, some shell commands.I also see an access from hello world (instead of Mozilla/5.0 etc). I think most of these are malicious or just poking around. What are some common security issues, and what are some preventive measures I can take to address them heads on, other than banning ip addresses? I also see some access to some .php, .index.php.bak, .asp, .jsp, that I did not upload or that is not part of public-html. How concerned should I be? Quote Link to comment Share on other sites More sharing options...
wolstech Posted May 11, 2021 Share Posted May 11, 2021 Both of these are completely normal. Bots poke at websites for all sorts of things, with all sorts of user agents. And yes, some are probably looking for a login page to abuse. Assuming your software is up to date, not full of security holes if you wrote it yourself, and you're not using Wordpress (which is easily compromised), you're probably fine. Quote Link to comment Share on other sites More sharing options...
Krydos Posted May 11, 2021 Share Posted May 11, 2021 In the last 24 hours 5 different bots have tried to access /wp-content/db-cache.php on my account. I've never even had wordpress installed. The internet is awash in bots looking for easy to hack websites. This is just one of many reasons to not use wordpress. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.