alt Hacker NewsEvery time I venture in the the web server's error log, I see all of the skiddie's attempts at accessing the most common things with most of them being .php files. Lots of /wp/admin.php and /phpadmin/ type requests. Of course, none of those are available which is why the requests are in the error log. I've never paid attention, but I wonder how long (as in how little time) for a new server to come online before it starts to get probed by a skiddie. Whether they are just war dialing IPs or paying attention to new domain announcements but I'd put it on a few hours tops.
Replies
rstupek • yesterday at 10:12 PM
If you get a letsencrypt certificate it will get probed within a minute
➕ show 1 reply
doublerabbit • yesterday at 11:37 PM
22 minutes. I got my new ISP with fibre. Placed my web server online. 22 minutes my honey pot got stung.
Dismissing these as script kiddie attempts is no longer correct. This is a real industry now. It’s not like the large scale actors are going to pass up a valid unpatched vector just because it’s old hat.