My site is completely written by me in php on notepad, without WordPress, etc. The only known weakness is that due to the difficult hardware situation, I cannot use HTTPS for the login area. It runs on a shared hosting account in iPage. This is a lamp".
I configure to keep track of the reasons why page 404 is being called. Here is my concern. Someone is attempting folders in all lower case. This is more disturbing because these folder words are sometimes in the input area. For example, if I have a file on /loginArea/myHidden/index.php, these odd requests for some reason target / myhidden. Note the absence of restrictions and the absence of the first directory. This happens at a rate of 1 time per day from random IP addresses around the world. You could assume that it was a coding error on my part, but I am 100% sure that this is out of the question. They move around my folder structure, poke as if they are looking for something.
They seem to be limited by the words of the folder that they could sniff from the http traffic of registered users. They did not hit the one that is known only to me.
No damage seems to have been done, but I get DAILY attempts and want to know what they are hoping for.
source
share