Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
H
H
HPositron2021-09-26 15:33:34
Information Security
HPositron, 2021-09-26 15:33:34

What does a lot of requests of the same type mean in access_log?

I recently launched a small site for personal use, connected Cloudflare, and the next day I was a little surprised because cloudflare statistics showed 1140 requests from at least 5 countries.
Checked the logs:

A piece of logs

172.70.122.17 - - [25/Sep/2021:11:07:57 +0300] "GET / HTTP/1.0" 302 308 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 14_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1"
172.70.122.17 - - [25/Sep/2021:11:07:58 +0300] "GET /login/ HTTP/1.0" 200 1820 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 14_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1"
162.158.91.176 - - [25/Sep/2021:11:09:36 +0300] "GET /admin.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:37 +0300] "GET /admin HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:37 +0300] "GET /admin/index.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:37 +0300] "GET /admin/admin.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:37 +0300] "GET /admin/adm.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:37 +0300] "GET /adm.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:38 +0300] "GET /login.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:38 +0300] "GET /login/index.php HTTP/1.0" 200 1884 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:38 +0300] "GET /home.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:38 +0300] "GET /PvqDq929BSx_A_D_M1n_a.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:38 +0300] "GET /panel HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:39 +0300] "GET /adm HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:39 +0300] "GET /adm/adm.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:39 +0300] "GET /files HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:39 +0300] "GET /panel.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:40 +0300] "GET /panel/login.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:40 +0300] "GET /panel/index.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:40 +0300] "GET /panel/admin.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:40 +0300] "GET /uadmin/adm.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:40 +0300] "GET /uadminons/adm.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:41 +0300] "GET /uadmfi/adm.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:41 +0300] "GET /uadminl/adm.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:41 +0300] "GET /uadminfi/adm.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.91.176 - - [25/Sep/2021:11:09:41 +0300] "GET /nooord/adm.php HTTP/1.0" 404 1604 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"


As I understand it, I'm being scanned. Tell me how potentially dangerous it is and how to protect yourself?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
P
paran0id, 2021-09-26
@HPositron

Correctly understood - bots are hammering in search of vulnerabilities. Set up fail2ban.

Similar questions
V
Velesrc2018-03-21 02:20:43
How to build a local network map with only wifi access? 4Reply
A
AC_DC2018-03-21 10:11:54
Why is total surveillance dangerous for the common man? 5Reply
S
Stage_director2021-07-16 15:23:43
Non-standard SMS from google about supposedly logging into your account, worry or ignore? 1Reply
G
gray422012-04-03 15:50:52
Protection of solid-state copies, in terms of control of printed information? 2Reply
F
FoxChiffa2021-07-20 10:03:35
How to block specific mail to a user? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question