what could be the reason for an amazon ip in my nginx access.log file?
3.88.16.48 - - [11/Nov/2023:19:20:07 -0300] "GET / HTTP/1.1" 200 615 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36"
There are thousands of reasons.
Have SSH open.
Just about anyone can spin up resources in AWS and do whatever until they’re caught.
Get yourself crowdsec and the background noise of the web will be reduced in secounds
Pro tip set up user agent blocks in nginx and have it respond with a 444 it will have nginx stop responding instead of giving a 403. Block anything under chrome 100.