Return to Answer

As Fiasco Labs points out in their answer, these type of log entries are a dime-a-dozen. But as a systems administrator with a deep history managing and protection LAMP-based web servers, this is not an attack as much a scripted “probe” of your system by someone somewhere. These probes/scans of a system are done to see what—if any—servers out there are vulnerable; not just your servers. In general this is the equivalent of the “war dialing” that was fairly commonplace in the 1980s/1990s days of system hacking via acoustic modem; scan a list of systems, see what systems have “flaws” and then see what you can do with those supposed flaws.

Which means, be sure to backup your core codebase so if it is ever compromised, you can easily redeploy clean code without much effort. To that end I would highly recommend you use a source code management tool like git for your version tracking as well as setting up a GitHub repository for remote storage. Also, learn how to use Capistrano with PHP to deploy code; I have an answer that addresses how to do this over here.

As Fiasco Labs points out in their answer, these type of log entries are a dime-a-dozen. But as a systems administrator with a deep history managing and protection LAMP-based web servers, this is not an attack as much a scripted “probe” of your system by someone somewhere. These probes/scans of a system are done to see what—if any—servers out there are vulnerable; not just your servers. In general this is the equivalent of the “war dialing” that was fairly commonplace in the 1980s/1990s days of system hacking via acoustic modem; scan a list of systems, see what systems have “flaws” and then see what you can do with those supposed flaws.

Which means, be sure to backup your core codebase so if it is ever compromised, you can easily redeploy clean code without much effort. To that end I would highly recommend you use a source code management tool like git for your version tracking as well as setting up a GitHub repository for remote storage. Also, learn how to use Capistrano with PHP to deploy code; I have an answer that addresses how to do this over here.

What I consider best security practice is hardening you LAMP server setup and ensuring our PHP code is solid. This answer on the security Stack Exchange site is a good starting point in understanding what “hardening” means, but honestly if you are not a systems administrator much of this might be over your head.

What I consider best security practice is hardening you LAMP server setup and ensuring our PHP code is solid. This answer on the security Stack Exchange site is a good starting point in understanding what “hardening” means, but honestly if you are not a systems administrator much of this might be over your head.

Should you be panicked about this? Not at all. Any and every web server on the Internet is being constantly probed. I managed a few Ubuntu Linux web servers and I am 100% positive if I were to check my logs right now, tomorrow, a day from now, etc… I would see entries similar to what you are seeing. But I am not losing sleep over this at all. The reality is if your core OS is properly patched and the framework you are using is patched and up to date, you are in good shape.

Should you be panicked about this? Not at all. Any and every web server on the Internet is being constantly probed. I manage a few Ubuntu Linux web servers and I am 100% positive if I were to check my logs right now, tomorrow, a day from now, etc… I would see entries similar to what you are seeing. But I am not losing sleep over this at all. The reality is if your core OS is properly patched and the framework you are using is patched and up to date, you are in good shape.