Many people leave default admin passwords unchanged when installing third party software on their webservers, so there's a lot of bots out there looking for such pages. Once they have admin access they can do a holl of a lot of damage including hijacking your whole system if your security settings aren't up to the task, and let's be honest, someone who didn't even bother to change the default admin password didn't exactly dive deep into the security profile.
On Tue, 8 Apr 2025 at 19:31, Jerome Shidel via Freedos-devel <freedos-devel@lists.sourceforge.net> wrote: > > > > > On Apr 8, 2025, at 12:36 PM, Jim Hall via Freedos-devel > > <freedos-devel@lists.sourceforge.net> wrote: > > > > On Tue, Apr 8, 2025 at 11:18 AM Bernd Böckmann via Freedos-devel > > <freedos-devel@lists.sourceforge.net> wrote: > >> > >> The site pings fine, trace route is fine. Interestingly, plain HTTP also > >> seems to work fine, while HTTPS times out... > >> > > > > > > I manage a few other websites and those servers have been getting hit > > hard in the last weeks or months from AI bots (they are crawling our > > articles) and the general website responsiveness has been slower. It's > > possible that's what is happening here. > > While there is little doubt that type of activity has been on the rise, I > think a lot of load comes from bad actors searching for weaknesses. > > My server is fairly harsh and aggressive on such activities. For example, > WordPress is not nor ever has been on my server. Normal crawlers would never > ask for the admin interface to WordPress on my site. It has never existed > there. If such a black-listed page is requested and does not exist, the IP is > immediately banned for a very long time. The ever-growing list of banned IPs > is currently around 50,000. Of course, there are other security measures in > place. > > While it is possible that such a request to a black-listed page could be > benign, it would not be made by a human. It would be from some sort of > statistic gathering bot and I could care less if it gets banned. > > It has no effect on search engine crawlers like google. Unfortunately, such > aggressive measures are not really suited for many servers like IBIBLIO. > > That reminds me I should get around to adding some new entries to the > black-list. I like the server to catch such behavior as fast as possible. > > :-) > > > > _______________________________________________ > > Freedos-devel mailing list > > Freedos-devel@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/freedos-devel > > > _______________________________________________ > Freedos-devel mailing list > Freedos-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/freedos-devel _______________________________________________ Freedos-devel mailing list Freedos-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/freedos-devel
