-1

Almost 4 years ago I was working on a project and noticed unknown commands being executed right in front of my eyes. More about that here

This time I launched a website and I can see in the webserver log the following errors:

Error: ENOENT: no such file or directory, stat 'C:\website\site\robots.txt'
Error: ENOENT: no such file or directory, stat 'C:\website\site\l.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\phpinfo.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\test.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\help.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\java.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\_query.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\test.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\db_cts.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\db_pma.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\logon.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\help-e.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\license.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\log.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\hell.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\pmd_online.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\x.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\shell.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\htdocs.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\b.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\sane.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\desktop.ini.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\z.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\lala.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\lala-dpr.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\wpc.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\wpo.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\t6nv.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\muhstik.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\text.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\wp-config.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\muhstik.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\muhstik2.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\muhstiks.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\muhstik-dpr.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\lol.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\uploader.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\cmd.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\cmv.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\cmdd.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\knal.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\cmd.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\shell.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\appserv.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\scripts\setup.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\phpmyadmin\scripts\setup.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\phpMyAdmin\scripts\setup.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\scripts\db___.init.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\phpmyadmin\scripts\db___.init.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\phpMyAdmin\scripts\db___.init.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\pma\scripts\setup.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\PMA\scripts\setup.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\myadmin\scripts\setup.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\MyAdmin\scripts\setup.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\pma\scripts\db___.init.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\PMA\scripts\db___.init.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\myadmin\scripts\db___.init.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\MyAdmin\scripts\db___.init.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\plugins\weathermap\editor.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\cacti\plugins\weathermap\editor.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\weathermap\editor.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\index.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\elrekt.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\index.php\module\action\param1\${@die(md5(HelloThinkPHP))}'
Error: ENOENT: no such file or directory, stat 'C:\website\site\index.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\d7.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\rxr.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\1x.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\home.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\undx.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\spider.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\payload.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\composers.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\izom.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\composer.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\hue2.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\Drupal.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\lang.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\izom.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\payload.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\new_license.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\images\!.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\images\vuln.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\hd.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\images\up.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\images\attari.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\images\jsspwneed.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\images\stories\cmd.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\images\stories\filemga.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\up.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\laravel.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\huoshan.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\yu.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\floaw.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\ftmabc.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\doudou.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\mjx.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\xiaoxia.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\yuyang.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\zz.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\coonig.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\ak.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\baidoubi.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\hhhhhh.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\meijianxue.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\no1.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\python.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\woshimengmei.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\indea.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\taisui.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\xiaxia.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\kk.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\xsser.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\zzz.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\99.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\dp.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\hs.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\1ts.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\haiyan.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\phpdm.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\root.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\5678.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\root11.php'
Error: ENOENT: no such file or directory, stat 'C:\website\site\xiu.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\secure\ContactAdministrators!default.jspa'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\weaver\bsh.servlet.BshServlet'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpmyadmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\pmd\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\pma\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\PMA\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\PMA2\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\pmamy\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\pmamy2\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\mysql\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\admin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\db\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\dbadmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\web\phpMyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\admin\pma\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\admin\PMA\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\admin\mysql\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\admin\mysql2\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\admin\phpmyadmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\admin\phpMyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\admin\phpmyadmin2\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\mysqladmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\mysql-admin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\mysql_admin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpadmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpmyadmin0\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpmyadmin1\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpmyadmin2\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin-4.4.0\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin4.8.0\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin4.8.1\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin4.8.2\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin4.8.3\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin4.8.4\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin4.8.5\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\myadmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\myadmin2\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\xampp\phpmyadmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyadmin_bak\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\www\phpMyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\tools\phpMyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpmyadmin-old\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdminold\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin.old\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\pma-old\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\claroline\phpMyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\typo3\phpmyadmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpma\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpmyadmin\phpmyadmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin\phpMyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAbmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin__\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin+++---\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\v\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpmyadm1n\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdm1n\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\shaAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyadmi\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmion\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\s\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\MyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin1\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin123\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\pwd\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmina\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMydmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmins\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin._\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin._2\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpmyadmin2222\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin333\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpmyadmin3333\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\php2MyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpiMyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpNyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\1\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\download\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin_111\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpmadmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\321\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\123131\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdminn\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdminhf\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\sbb\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\WWW\phpMyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmln\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpMyAdmin_ai\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\__phpMyAdmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\program\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\shopdb\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phppma\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\phpmy\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\mysql\admin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\mysql\dbadmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\mysql\sqlmanager\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\mysql\mysqlmanager\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\wp-content\plugins\portable-phpmyadmin\wp-pma-mod\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\sqladmin\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\sql\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\SQL\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\websql\index.php'
Error: ENOENT: no such file or directory, stat 'C:\splitter.ai\site\MySQLAdmin\index.php'

So what's going on here? And most importantly, how can I protect my site?

Server info: NodeJS, Express with Helmet No PHP No SSH Windows 10

vaid
  • 3,539
  • 5
  • 16
  • 19
  • 1
    Your question is extremely vague. You haven't told us anything about your web server (Windows, Linux?), its configuration (Which server software? Which users, with which permissions? Do you have a firewall?), which software you are running (a custom PHP script of yours? A CMS?), which kind of log you are showing us (Apache error log?), … Have you followed any of the advice given in the linked question? If not, why not? – slhck Nov 24 '19 at 11:42
  • Yeah I realized that after I left the office. Question updated. – vaid Nov 24 '19 at 15:57
  • You're using Windows 10 on a public facing web server? 4 years ago you were advised you'd been hacked on a web server you were running. One would think that in 4 years you'd put together a more secure system, but here you are running a desktop OS as a server open to the public internet. – music2myear Nov 25 '19 at 01:03
  • So you're assuming I've been working with network security for 4 years straight? – vaid Nov 25 '19 at 17:53

1 Answers1

3

They are trying every likely location of potentially vulnerable scripts and website admin interface.

If you don't want people to compromise your web server then you have several options.

  1. Don't run a publicly facing website. If you are not up to the task of administrating a website full-time and applying patches and updates and fixing breaches then you shouldn't be doing it.
    Setting up a website is easy, keeping it up and secure is hard.
  2. Always keep your software up to date. Use the latest versions of software and related website tools.
  3. Use blacklisting tools for your website software to block most common sources of intrusion. Search for blacklist <your web stack> in Google or your favourite search engine.
  4. Your web logs should include the IP address of any requests. Look through your server documentation to find out how to block IP addresses.
  5. Set up your firewall to blacklist or block IP addresses.

Numbers 3 & 4 are, at best, temporary and transient fixes. "Hackers" can easily change IP address by using proxies, VPNs and other methods. They can reduce the effect (I.e. your not waste server resources) of attacks by simply ignoring them. It does not mean that you won't get traffic still, just that your server won't handle it.

Number 5 is just a variant on 3 & 4 that will prevent the website software from seeing the request at all. You will still get traffic and could be DOS'ed off the internet by it.

Number 2 is one of the most important and under-appreciated ideas. Bugs are found in software all the time and get fixed most of the time, but people often refuse to update the software because it might break something or need them to do more work to repair some other dependencies.

If you are not going to update your software then you might as well just put out a welcome mat and post your bank details for everyone to use.

Take a backup. Perform the update. If something breaks then roll back the backup and try again.

Do not just leave insecure software running on a public machine because it's "easier".

You will always get these kinds of intrusion attempts and they are a fact of having public facing computers. The best you can do is defend against them.

If your computer doesn't need to be public, with servers that are accessible to other users, then don't make it public. Use intermediate services that connect you to your computer. Granted you just move the compromise point to that service, but it is another point that has to fail before yours does.

Mokubai
  • 89,133
  • 25
  • 207
  • 233
  • 1
    This is all good advice, but very general. More specifically I'd recommend to allow only public-key-based SSH logins, use firewalls like `ufw`, limit repeated access with tools like `fail2ban`, know how to properly set permissions for the web server user and PHP scripts, etc. That is assuming a LAMP stack. But the question isn't really answerable – the OP hasn't told us anything about their configuration, what software or scripts they are running on which server. We don't even know the operating system. – slhck Nov 24 '19 at 11:40