Wtf is this gay shit? I recently used my Raspberry to host some stuff online and bought a domain. Next thing I know I'm being bombarded with chink and nigger ips out of nowhere trying to sniff random stuff. Is this normal? I'm not even hosting anything important yet keep getting random hits on my server. I haven't even shared the domain with anyone. I only use it myself. Why?
Wtf is this gay shit? I recently used my Raspberry to host some stuff online and bought a domain...
Other urls found in this thread:
iblocklist.com
twitter.com
it's scripts and automated programs
just chinks with scanners. If they detect those common admin pages they will attempt to guess the password, or check the version and use known exploits. I have no idea how well this works but it probably does or they wouldn't be scanning the entire internet like this.
Block all African, Chinese, Indian, and Russian IP ranges. Nothing good comes from these.
t. web security guy
Very normal its just ruskis, gooks and niggers hitting common endpoints for things like phpmyadmin control panel in an attempt to take over ur device. Mostly harmless, if you are just serving files or running a bespoke web app, just like a baby sized dos for a second. Just make sure if u actually host some normie shit framework u lock it down. They got ur domain from scraping DNS update logs
>Is this normal?
Yes. The internet is a scary place.
I will user. Is it possible to know the IP ranges?
changing the port is usually enough to get rid of most of it.
You stupid fuck. Change the SSH server port and start using pubkey auth NOW.
a follow up in this, if u do have a webapp or something that youve written in node python or similar, just return 500 for *.php as u arent using that gay shit anyway
SSH (22) is blocked by the router and by a firewall installed on the pi. I only allow access from inside the router
this is very very very very very typical of anything public-facing on the internet.
I have a secured home server and the instant i opened ssh for it i already had chinese bots going after it trying default usernames and passwords.
get something called fail2ban and it will automatically ban most "usual" bots
i wrote a script that generates a wallofshame.txt from fail2ban logs to collect their ips just for fun
welcome to the internet, kiddo
changing the port of httpd? on a public facing site? lol are you serious?
127.0.0.1 is all you need to block
You're getting scanned. Bots will scan hosts on the open internet for known vulns. If the vuln is present, they'll run it and get your host to phone home. Nothing to worry about, it's totally normal. I'd recommend installing fail2ban and set up a custom jail to watch for 404s and 403s.
it's not fucking ssh OP complains about you dumb spergs
i never said it was ssh you dumb shit I was sharing a personal experience in relation to being astounded by bot traffic
iblocklist.com
does this work?
Why do the Chinese do this?
>php
>gay shit
This is why everyone with a brain rangebans India and China.
it's because they're all dishonest and thieving cunts. this is why most people with any sense block the entire country.