Zwar wird mein nächstes Projekt erst in knapp drei Monaten der Öffentlichkeit präsentiert. Doch es besteht schon eine Domain mit WebSpace und TLS-Zertifikat ( https:// ). Was offenbar schon reicht, um von verschiedensten Seiten Angriffe auf sich zu ziehen. Dabei wurde noch nirgends Werbung gemacht; aber irgendwie gelangen angemeldete Domains immer schnell in die Suchmaschinen, von wo aus sie dann von Angreifern aufgespürt werden. Wie genau das vor sich geht: K.A. - ich steh' auf der anderen Seite
Hier mal ein Auszug aus dem Log (IP und Ddomainname unkenntlich gemacht) . Dort wird schnell ersichtlich, dass jemand versucht, das servereigene PHP für seine Zwecke zu missbrauchen :
xxx.xx.xxx.xxx - - [21/Feb/2018:01:23:52 +0100] "GET /MSD/sql.php HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:23:52 +0100] "GET /Msd/sql.php HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:23:53 +0100] "GET /MySQLDumper1.24.4/msd1.24.4/sql.php HTTP/1.1" 404 298 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:23:53 +0100] "GET /MySQLDumper1.24.4/sql.php HTTP/1.1" 404 288 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:23:58 +0100] "GET /MySQLDumper1.24.4stable/sql.php HTTP/1.1" 404 294 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:23:58 +0100] "GET /MySqlDumper/sql.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:23:58 +0100] "GET /Mysqldumper/sql.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:23:58 +0100] "GET /admin/sql.php HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:23:59 +0100] "GET /admin/sql/sql.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:04 +0100] "GET /backup/sql.php HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:04 +0100] "GET /backups/sql.php HTTP/1.1" 404 278 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:04 +0100] "GET /database/sql.php HTTP/1.1" 404 279 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:04 +0100] "GET /datenbank/sql.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:04 +0100] "GET /dump/sql.php HTTP/1.1" 404 275 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:04 +0100] "GET /dumper/sql.php HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:05 +0100] "GET /msd/sql.php HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:05 +0100] "GET /msd1.24.2/sql.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:05 +0100] "GET /msd1.24.3/sql.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:05 +0100] "GET /msd1.24.4/sql.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:05 +0100] "GET /msd1.24stable/sql.php HTTP/1.1" 404 284 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:05 +0100] "GET /myadmin/sql.php HTTP/1.1" 404 278 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:05 +0100] "GET /mysql/sql.php HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:06 +0100] "GET /mysqldumper/sql.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld
xxx.xx.xxx.xxx - - [21/Feb/2018:01:24:06 +0100] "GET /sql/sql.php HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" domainname.tld