#WordPress security is such a bane & nuisance, even for people who aren't even using it. In the past 24h I've been bombarded again with dozens of WP login spam emails, and my (static) sites had >4600 requests obviously scanning for all sorts of WP-related files & vulnerabilities...
Second to that is another group of scans (~1080) looking for mistakenly uploaded credential files in `.aws/*`, `.env.*`, `.ssh/*` etc.
😡😤
Karsten Schmidt
npub1lf…s5lyy
2025-03-17 14:52:54 UTC
Author Public Key
npub1lfn827aqxvg9gxel64vxnpjkkundr0khkeh568asjp6qft8csd0ses5lyySeen on
wss://relay.momostr.pinkPublished at
2025-03-17 14:52:54 UTCEvent JSON
{
"id": "1756b6992df703f106515486e4faf3b8f5b06882dccff8d0809fb5b3096ae6ce",
"pubkey": "fa66757ba03310541b3fd558698656b726d1bed7b66f4d1fb0907404acf8835f",
"created_at": 1742223174,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.thi.ng/@toxi/114178337986569308",
"web"
],
[
"t",
"wordpress"
],
[
"proxy",
"https://mastodon.thi.ng/users/toxi/statuses/114178337986569308",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mastodon.thi.ng/users/toxi/statuses/114178337986569308",
"pink.momostr"
],
[
"-"
]
],
"content": "#WordPress security is such a bane \u0026 nuisance, even for people who aren't even using it. In the past 24h I've been bombarded again with dozens of WP login spam emails, and my (static) sites had \u003e4600 requests obviously scanning for all sorts of WP-related files \u0026 vulnerabilities...\n\nSecond to that is another group of scans (~1080) looking for mistakenly uploaded credential files in `.aws/*`, `.env.*`, `.ssh/*` etc.\n\n😡😤",
"sig": "9eb0cb8ae1a806d87d1534c0ac8451a9b00e95a74ca809d2903266149ddadcf9a67fc58d2e1d2f771598fda1a30bae8367388f623c79f23a8b3e52166ba80dbb"
}