![](https://seccdn.libravatar.org/avatar/0e482cdf263bd0e0421da766878b774c.jpg?s=120&d=mm&r=g)
On 20/02/2021 21.04, Per Jessen wrote:
Carlos E. R. wrote:
Then the other day, I wanted to share a file using my server, and noticed that Apache was being hit, with "stupid" requests. Well, not stupid, they are probably probing vulnerabilities.
Yup, thousands and thousands every day and hour.
Quite, but on a very high port? This is new.
Should I worry?
Nope.
Should I try to implement something in the firewall that blocks IPs that attempt on vulnerabilities, somehow? If there is such a tool.
Much depends on what you are running on your Apache server. There are many vulnerable apps out there. Maybe study your logs and pick the most frequent patterns, then configure apache to refuse them.
No apps. There is a /srv/cgi-bin that came with the installation or the example, but the "external" vhost doesn't have it. Just a static index.html file with a "hello you". Isengard:~ # rpm -qa | grep -i apache apache2-mod_security2-2.9.2-lp152.3.7.x86_64 apache2-2.4.43-lp152.2.12.1.x86_64 apache2-doc-2.4.43-lp152.2.12.1.noarch apache2-utils-2.4.43-lp152.2.12.1.x86_64 apache-commons-logging-1.2-lp152.5.1.noarch apache2-prefork-2.4.43-lp152.2.12.1.x86_64 Isengard:~ # -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)