You are probably under attack and you don’t even know it

If you have a public-facing resource on the internet (usually a web site) there is a high chance it gets scanned periodically by numerous bots. In fact, they might start doing this less than a minute after deployment. Security, he-he-he. https://youtu.be/40SnEd1RWUU How do I know? At Multify I host language translations for multiple clients. Essentially, I host separate domains which increases attack surface with each newly connected domain. The service proxies all of the requests to upstream, transforming the site in the process. This includes every malicious request sent by a bot – effectively rendering my service as an attacker instead of the bot. To combat this I use Crowdsec, which sits in front of the application, monitors and blocks requests from the malicious actors. And well... I got 120+ IPs malicious IPs rejected in the first 24 hours after the deployment. Majority of them are scanning for obvious vulnerabilities like .env and .htaccess. Oh, and lots of Wordpress paths of…