Since initially toying with Lighttpd last month, I decided to set it up on my home machine to see how it can handle a simple django site. After some tinkering and some development with a site, I got it up and running. It was pretty cool. I let it go for a couple of days before deciding on checking the logs to see how they were setup. The first few lines were from me doing tests but the rest of the lines were interesting. There were many lines that looked like someone was scanning for phpmyadmin and other people looking for ecommerce components, AppServ vulnerabilities, and someone referencing a site called www.wantsfly.com. These kinds of attacks seemed pretty consistent until a few days ago when the entries stopped. The bottom line is that one must protect themselves regardless of the type of website. I was hosting at home with no advertising of any kind and I was hit with these attacks. Luckily, I don't use phpmyadmin, AppServ or any kind of ecommerce software for my site.
So read your logs boys and girls. Learn about the kinds of attacks that are out there and protect yourself from them...
No comments:
Post a Comment