No problems with nodebb, just an observation of so many people wasting their lives trying to hack others. Some having the potential to be highly skilled and well paid folks but instead spend their time trying to hurt others.
I put a site online just to test a few things. It's not advertised or mentioned anywhere yet but look at the stats. Lots of hits from bots, most presumably looking for Wordpress sites. I just thought it was interesting and wanted to share.
Well, I wasn't posting looking for technical information but now you have me curious :).
Looking at the logs, they strongly suggest automated bot activity. Hits from Googlebot and other search crawlers WordPress vulnerability scanners Automated scanning tools like ZGrab
Are these triggering login attempts either by mistake or as part of their crawling process? Googlebot, for example, accesses various URLs, including login pages, and might cause login events.
Many of the requests are targeting /wp-admin/setup-config.php, /wordpress/wp-admin/setup-config.php, /xmlrpc.php, /wlwmanifest.xml, and similar WordPress-related URLs.
Since it's not a WP site, are these requests resulting in redirects or 301 responses, but getting counted in access logs that result in the dashboard stats?
@NodeHam yeah, I'm not sure. That's what's going to need looking into.