Is this a Dos attack?


#1

Hello

Can you please take a look at this access log?

They request some pages that doesn’t exist on my site at the same time with my own IP (54.36.158.33) and the site get database error.

What’s the problem?
How can I prevent it?

Thanks


#2

Likely scanning for known security vulnerabilities to potentially exploit.

If using WordPress, get a firewall as a plug-in like Securi and/or WordFence. Also, consider going with the Pro version of CloudFlare ($20/mo/site)


#3

doesn’t look like ddos

the “apple-touch-icon” requests looks legit

the fonts requests also looks legit
I am not sure about the wp-cron.php requests as it could be legit requests depend on your wordpress settings but it also can be some security vulnerabilities scan like said


#4

The strange part is it is showing my own server IP.
Can a DOS happen from my own IP ?
After that I get database error on Wordpress.

Thanks


#5

I see it’s a “srv” subdomain. I’m not up on exactly how SRV works, but do you have a SRV DNS record that might be causing this to look like it’s coming from your own IP address?

Other than that, I agree with the others that this isn’t a DoS attack. It’s just a scan. It might even be a WordPress plugin that’s supposed to scan your site.


#6

Thanks for your answer.
That’s the name of my hostname on VPS.