I don’t have SQL on my weather sites either, and I see the daily rain of IP addresses trying wp-login.php, wp-admin/index.php, etc and the occassional URL encoded SQL compromise string … no harm, no foul. the obnoxious ones, I block their CIDR in .htaccess and convert their requests from 404s to 403s… they still try.
After the Marai botnet software was open-sourced, a LOT of new botnets sprang up looking for IoT to compromise, and looking for servers to bend to spam hosts/phishing sites/ransomware distribution sites.
The net is now a noisy (and hostile) place… good to keep the defenses up and sites with minimal exposures to the miscreants. I don’t like them ‘walking across my lawn/rattling my doorknob’ either, but… I choose to continue publishing stuff that others may find useful on my sites and keep the defenses in depth.
Here’s a count, host, HTTP-return code analysis of yesterday on my WX sites
1642 eastcoastweather.net 200
298 eastcoastweather.net 301
266 eastcoastweather.net 404
32 eastcoastweather.net 500
1521 midatlanticweather.net 200
1201 midsouthweather.net 200
330 midsouthweather.net 301
170 midsouthweather.net 304
264 midsouthweather.net 404
18 midsouthweather.net 500
2566 northeasternweather.net 200
3595 northwesternweather.net 200
1005 plainsweather.net 200
26 plainsweather.net 301
167 plainsweather.net 404
16 plainsweather.net 500
294995 saratoga-weather.org 200
49145 saratoga-weather.org 301
904 saratoga-weather.org 403
206 saratoga-weather.org 500
1068 sk.westerncanadawx.net 200
1250 westerncanadawx.net 200
16 westerncanadawx.net 301
2 westerncanadawx.net 304
404 westerncanadawx.net 404
31 westerncanadawx.net 500
Looking at the WordPress ‘tries’ shows
55 104.218.219.24 Karib Cable, KARIB-CABLE-KELCOM-INTERNATIONAL, Kingstown, VC (Frenches Gate)
33 198.204.253.58 Data Shack[htaccess]
19 94.67.235.208 OTENET, OTEnet, GR (Greece)
19 92.160.70.53 FR-TELECOM-20070712, Orange S.A., FR (69214 LYON CEDEX 02)
19 77.242.29.225 Abissnet sh.a., Albania
19 75.68.234.22 Comcast Cable Communications Holdings, Inc
19 62.212.55.48 GE-EGRISI-ADSL7, GE-EGRISI-20131707, GE (Tbilisi, Georgia)
19 49.206.157.240 Route object for 49.204.64.0/18, BEAMTELE-IN, IN (India)
19 39.55.161.15 PTCLBB-PK, PK (Islamabad, Pakistan)
19 31.10.147.17 UPC Cablecom GmbH, Switzerland
19 190.246.254.107 CABLEVISION S.A., AR (1605 - Munro - BA)
19 178.233.241.76 TURKSAT-NET, Turksat Internet Services, TR (Konya Yolu 40. Km. Golbasi Ankara/TURKEY)
19 167.249.40.82 -------- Colombia, Cundinamarca, Cota
19 139.218.185.247 M2-DODO-AU, AU (Sydney NSW 2000)
18 81.234.253.156 TeliaSonera AB, Sweden
18 185.104.192.93 IR-EGRK-20150615, EGRK-Route, IR (4th floor - No 141 - between 4th & 5th Negarestan - Pasdaran avenue - Tehran - Iran)
17 89.73.176.210 UPC Polska Sp. z o.o.
17 83.132.134.1 NOS, NOS COMUNICACOES S.A., PT (1069-203 Lisboa)
17 82.155.14.197 PT Comunicacoes S.A., Portugal
17 5.198.33.253 STATICPOOL-KCOM, KCOM-NET010-20120824, GB (HU1 3RE)
17 46.193.0.82 WIFIRST-NET, WIFIRST SAS Network, FR (France)
17 41.225.72.149 Agence Tunisienne Internet - ATI, Tunisia
17 24.45.118.106 Optimum Online, United States
17 175.100.133.119 YOU Broadband & Cable India Ltd., YOUTELE, IN (India)
17 161.0.255.17 Columbus Communications Trinidad Limited., TT (- - Port Of Spain - -)
17 144.48.225.94 COSMOS-IN, IN (49/1, Mitra Para Road, P.O- Naihati, Dist.- North 24 Parganas, Naihati West bengal 743165)
17 124.190.72.168 ACT 2601, TELSTRAINTERNET44-AU, AU (ACT 2601)
17 115.133.57.27 TMNST, ADSL-STREAMYX, MY (Jalan Pantai Baru, Kuala Lumpur.)
17 105.103.169.166 TA23-new, DZ (Alger)
… the background ‘noise’