52
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 29 Jan 2024
52 points (98.1% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54420 readers
462 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
 |
 |
|---|---|
| Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
That will always happen with something exposed to internet. Attackers scan every IP and domain they can looking for vulnerabilities to exploit. There's software you can put in place to block requests that look like exploit attempts. Cloudfare WAF is one example. But those are mitigations only and not perfectly effective. Beyond that there's not much you can do. Always make sure anything you expose to the internet is configured securely and kept up to date. If it makes you uncomfortable, reconsider exposing it like that.
Fail2ban works if they don't have infinite IP addresses
bots will start hitting a brand new subdomain on my web server literally seconds after creating it. looking for exploitable scripts like wordpress, usually.
You can avoid these scans by only using wildcards on your DNS entries and SSL certificates.
Both of these are commonly used by bots to find new domains.
Wildcard SSL subjects make sense as the certificate is public. But how does wildcard DNS help? They aren't public other than the requests coming from the client which don't use wildcard anyway.