So I have this nice, simple web server up running. Its purpose is to allow me external testing with HIP, and to provide some files for external distribution. Of course, there it is sitting on port 80 and the attacks are coming in per logwatch report. Examples from the report include:
Requests with error response codes 404 Not Found //phpMyAdmin-2.5.1/scripts/setup.php: 1 Time(s) //phpMyAdmin-2.5.4/scripts/setup.php: 1 Time(s) //phpMyAdmin-2.5.5-pl1/scripts/setup.php: 1 Time(s) //phpMyAdmin-2.5.5-rc1/scripts/setup.php: 1 Time(s) //phpMyAdmin-2.5.5-rc2/scripts/setup.php: 1 Time(s) /muieblackcat: 1 Time(s) /myadmin/scripts/setup.php: 2 Time(s) /mysql-admin/scripts/setup.php: 1 Time(s) /mysql/scripts/setup.php: 1 Time(s) /mysqladmin/scripts/setup.php: 2 Time(s) /mysqlmanager/scripts/setup.php: 1 Time(s)
Now these are only a few, though I am probably not being hit as hard as others out there.
My question is:
Is there a way to shut this nonsense down? Or because I am sending the 404, I am doing all that is reasonable to do?
I am wondering that if this list starts getting long, that is a lot of logging and I probably don't need to log 404s?