0

Recently I saw hundreds of strange requests from different ip addresses in my server logs.

These requests were trying to bruteforce directories for example:

GET /admin/admin.php 404
GET /admin/controlpanel.html 404
GET /admin/controlpanel.php 404
GET /admin/controlpanel.asp 404

Also some requests contained some JavaScript and PHP code.

What I should do in such situations?

schroeder
  • 125,553
  • 55
  • 289
  • 326
Ivan
  • 1
  • 1
  • "Welcome to the Internet"- you will get this type of thing every day you are exposed to the internet. What do you do? Make sure your server is secure against such attacks. – schroeder Feb 23 '23 at 13:49
  • Search here for "strange logs" and you'll see there are many people asking similar things. – schroeder Feb 23 '23 at 13:54
  • @schroeder my server is secure against such attacks but these requests were continiously being sent so it reduced server's performance. I can block these addresses but ip's also changes. – Ivan Feb 23 '23 at 13:56
  • These aren't "attacks". They are just abnormal requests. You have a performance engineering problem, not a security problem. A CDN tends to be the recommended tool to be more resilient to invalid requests – schroeder Feb 23 '23 at 14:08

0 Answers0