While going over whats in /var/log/hestia/nginx-access.log
I discovered a strange access anamoly
Image attached
Did someone from Russia accessed my control panel?
Please let me know! Screen Shot 2021-09-16 at 2.00.13 PM|690x43
2 seconds of googling, first result: web application - NGINX Hacking Attempt - Information Security Stack Exchange
Bots, nothing to worry about, I would suggest to give google a try before you create a new thread, in the most cases, it can give you already the answer.
The http status 400 is an error. And that is what your server is answering to that Russian bot.
To harden your servers security try to add a Recidive rule to fail2ban and also you may block all traffic from Russia in the panel.
Good to know, thanks guys.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.