When your raspberry pi is bombarded with /phpmyadmin URL attempts in all its forms and possible paths and versions 😅

Like seriously? Who in there right mind uses phpmyadmin AND has it accessible to the public.

- there's no databases on this Rpi but you keep looking.

Anything that's publicly accessible receives its share of (automated) hacking attempts. My top 404 by far is /wp-login.php - and I don't even use WP!

People who aren't too tech savvy or know nothing about security / don't realize how dangerous the internet is

I would wager that a huge number of phpmyadmin installs are internet-facing, as they're very often done with something like plesk or cpanel.

For me it's bots sending passwords to key-auth only SSH.

Drop a zip bomb on them, or reply with random status codes. Don't just leave the requests of those poor guys unanswered!

Its more common than you might think.

I’ve even stumbled on a phpmyadmin installation that was exposed to the internet and didn’t require any authentication.

@Fast-Nop i copied stackoverflow an rickrolled wp-login.php made a little algorithm to reject the stupid passwords. Really need to find that script again

The greater internet is a malevolent kraken plunging its writhing tentacles into every possible hole and crack in an attempt to kill you and everyone else.

... and/or sell you viagra. Giving you good deals and killing you are not mutually exclusive.

@filthyranter i don't have that issue plus I don't have ssh public so that could do it.

@7400 😮this could be my next weekend gone

@Root but they never deliver my Viagra. That post man seems to have a problem.

One of my servers spent a few hours being bombarded by SSH connection attempts from some kind of botnet. That was annoying because my fail2ban configuration wasn't strict enough and my server's CPU and memory were maxed out by the connection attempts. My own SSH connection timed out a few times and the server was slow as hell once I managed to connect.

After that, I switched sshd over to a nonstandard port and set fail2ban to ban for 6 hours after 2 auth failures. That helped a lot.

You should create a fake myadmin that installs some ransomware on their system, then demand for bitcoins!