Carlos E. R. wrote:
Then the other day, I wanted to share a file using my server, and noticed that Apache was being hit, with "stupid" requests. Well, not stupid, they are probably probing vulnerabilities.
Yup, thousands and thousands every day and hour.
Should I worry?
Nope.
Should I try to implement something in the firewall that blocks IPs that attempt on vulnerabilities, somehow? If there is such a tool.
Much depends on what you are running on your Apache server. There are many vulnerable apps out there. Maybe study your logs and pick the most frequent patterns, then configure apache to refuse them.
Excerpt from /var/log/apache2/access_log:
167.248.133.54 - - [15/Feb/2021:17:20:14 +0100] "GET / HTTP/1.1" 403 972 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
Just a probe of SSL support. Harmless. -- Per Jessen, Zürich (6.1°C) http://www.dns24.ch/ - your free DNS host, made in Switzerland.