A brand new game
for Windows, HTML5, 3DS Homebrew, iPhone, Android TV and more,
Conserving Energy and Protecting the Site
18th October, 2018
10:30, last night, a Wasp appeared in my bedroom.
We hunted the cupboards for Fly/Wasp spray, but none was to be found.
Instead, I spent the night on the couch, and it'll be battled at some point this morning.
In the meantime, since my charger is currently inaccessible, being stuck in the far corner of the bedroom, I've been on low-power mode.
I had to shut down the laptop, late last night, so that I'd at least have enough power to post this morning's blogs and pixelart and whatnot, but my battery's already down to halfway, so I probably won't get an awful lot of actual coding done today... again...
I spent most of yesterday battling against the server's many many (MANY!) spambots, and other nasty "hole-seeking" things.
Seems that a LOT of bots are assuming either wordpress, or phpbb, and are desperately trying to figure out where the default config files are lurking.
There's an alarming number of default files that they're searching for, like wp-admin, wp-config and so on, but also things like wlwmanifest.xml, xmlrpc.php, apikey.php and more.
They've obviously built up a huge collection of "standard" security holes, and are hammering servers trying to find them.
Having a site that's entirely self built has many pros and cons, but watching all of this happen really does make me realise just how vulnerable default setups can be.
As a general warning, secure your server, and do it over and over and double down on everything.
But if you're running WordPress on your server, don't trust that anything you install as an add-on is truly secure. Be super paranoid about anything you install, and keep a watchful eye on your stats for odd behaviour.
Meanwhile, I'll continue to battle against the bots in the hope that I can keep them all at bay.
Be safe out there!!