I have recently become the proud operator of a server that runs wordpress and other software. Today I took a closer look at the log files to see what’s going on on my server. Actually, I just wanted to see how people around the world can use services and information through my work (yes, I like my job). Unfortunately, I also noticed a few strange activities. Not excessive or even brutal, but always constant. Research often showed that it is probably an attempt to find (known) weak points. Since I have little experience in running a server, I wanted to ask you whether this is normal and / or whether I should / can do something against it? Best wishes 😀
Welcome to the Internet. Yes, it’s normal to see such traffic. It even has a name: Internet background noise.
Keep in mind that virtually all of it is automated traffic from bots which just try known security vulnerabilities against every IPv4 address on the Internet. If one happens to succeed, then the bot will generally either deploy some pre-prepared malicious payload or notify its human or both.
This is one reason why it’s absolutely critical to keep on top of security updates, both for your OS and for your public facing web applications. Consider turning on automatic updates for WordPress (and its themes and plugins!), your other web apps, and the operating system.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.