So, im a newbie here.
I have some services running.
I put today all behind Nginx as a reverse proxy. And im using ssl/tls from letsencrypt.
I found this ip in my access.log from Nginx.
83.97.73.87 - - [10/Nov/2023:12:20:35 -0300] "GET /_ignition/execute-solution HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
83.97.73.87 - - [10/Nov/2023:12:23:23 -0300] "GET / HTTP/1.1" 200 615 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
83.97.73.87 - - [10/Nov/2023:12:45:26 -0300] "GET / HTTP/1.1" 200 615 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
I look for that ip and it seems that is a BAD IP!!!
Look https://www.abuseipdb.com/check/83.97.73.87
Im fine or i need to do something to avoid this?!
Im safe or this could made something to my server?
You are viewing a single thread.
View all comments 1 point
Naw, you’re fine. It’s just russian bots trying to scrape your site, looking for vulnerabilities.
This may prove helpful: https://stackoverflow.com/questions/58249085/how-to-solve-facade-ignition-http-middleware-ignitionenabled