I have recently become the proud operator of a server that runs WordPress and other software. Today I took a closer look at the log files to see what's going on on my server. Actually, I just wanted to see how people around the world can use services and information through my work (yes, I like my job). Unfortunately, I also noticed a few strange activities. Not excessive or even brutal, but always constant. Research often showed that it is probably an attempt to find (known) weak points. Since I have little experience in running a server, I wanted to ask you whether this is normal and/or whether I should/can do something against it? Best wishes :D
0
- Don't run WordPress if you can avoid it. If you have to, ensure xmlrpc is disabled. In your scenario, something like Wordfence is probably highly desirable. Ensure you keep up to date with latest plugins. Do regular backups, ensure long passwords, lock /wp-admin down to local users if possible, use an AV scanner (which can find hints of eval code). Block access to PHP exec function calls and prevent PHP running from uploads directory. – davidgo Sep 23 '20 at 03:32
- Fail2ban can be helpful with xmlrpc, brute login detection and Apache rules. – davidgo Sep 23 '20 at 03:33
- Minimize number of plugins. – davidgo Sep 23 '20 at 03:34
1 Answer
3
Welcome to the Internet. Yes, it's normal to see such traffic. It even has a name: Internet background noise.
Keep in mind that virtually all of it is automated traffic from bots which just try known security vulnerabilities against every IPv4 address on the Internet. If one happens to succeed, then the bot will generally either deploy some pre-prepared malicious payload or notify its human or both.
This is one reason why it's absolutely critical to keep on top of security updates, both for your OS and for your public facing web applications. Consider turning on automatic updates for WordPress (and its themes and plugins!), your other web apps, and the operating system.

Michael Hampton
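To see how much of an access log is this kind of automated probing, and which clients repeat login attempts often enough to hand to something like Fail2ban, the following added example (not part of the question, comments or answer above) tallies noise-type requests per client. It assumes the Apache/nginx "combined" log format; the sample lines, category names and threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in "combined" log format (documentation-range IPs).
SAMPLE_LOG = """\
203.0.113.7 - - [23/Sep/2020:03:10:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "bot"
203.0.113.7 - - [23/Sep/2020:03:10:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "bot"
198.51.100.23 - - [23/Sep/2020:03:11:10 +0000] "POST /wp-login.php HTTP/1.1" 200 1822 "-" "bot"
198.51.100.23 - - [23/Sep/2020:03:11:11 +0000] "POST /wp-login.php HTTP/1.1" 200 1822 "-" "bot"
198.51.100.23 - - [23/Sep/2020:03:11:12 +0000] "POST /wp-login.php HTTP/1.1" 200 1822 "-" "bot"
192.0.2.44 - - [23/Sep/2020:03:12:30 +0000] "GET /old/setup.php HTTP/1.1" 404 196 "-" "bot"
192.0.2.80 - - [23/Sep/2020:03:13:00 +0000] "GET /2020/09/hello-world/ HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
192.0.2.80 - - [23/Sep/2020:03:13:05 +0000] "GET /wp-login.php HTTP/1.1" 200 1822 "-" "Mozilla/5.0"
"""

# Captures client IP, method, path, status; malformed request fields do not match.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def classify(method, path, status):
    """Return a category name for noise-type requests, or None for ordinary traffic."""
    path = path.split("?", 1)[0].lower()
    if path.endswith("/xmlrpc.php"):
        return "xmlrpc"
    if method == "POST" and path.endswith("/wp-login.php"):
        return "login_attempt"          # a GET only displays the login form
    if status == 404 and path.endswith(".php"):
        return "probe_404"              # request for a script that does not exist here
    return None

def summarize(log_text, login_threshold=3):
    """Tally categories per client; flag clients at or above the login threshold."""
    counts = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                    # skip lines that are not parseable requests
        ip, method, path, status = m.group(1), m.group(2), m.group(3), int(m.group(4))
        label = classify(method, path, status)
        if label:
            counts[ip][label] += 1
    report = {}
    for ip, c in counts.items():
        report[ip] = dict(c)
        report[ip]["brute_force_suspect"] = c.get("login_attempt", 0) >= login_threshold
    return report

if __name__ == "__main__":
    for ip, row in summarize(SAMPLE_LOG).items():
        print(ip, row)
```

Clients that only load pages, or that merely open the login form with a GET, do not appear in the report.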