all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Bots Scraping For Insecure Sensitive Files

Add to bookmarks
Dec. 23, 2023, 7:37 a.m. | /u/rizwan47

cybersecurity www.reddit.com

While setting up a new project on a live domain, I forgot to deny .env file in nginx config after uploading the .env file. It was up for a moment and I immediately added the rule.

To be safe, I checked access logs to be safe that someone didn't download the .env file during that time (it was merely a minute) and although no one accessed /.env during that time but to my surprise, there are hundreds of requests matching …

access bots cybersecurity domain download env file files insecure live logs nginx project safe scraping sensitive

Visit resource

More from www.reddit.com / cybersecurity

China hacked Ministry of Defence, Sky News learns an hour ago | www.reddit.com
china cybersecurity defence hacked +2
Apple’s iPhone Spyware Problem Is Getting Worse. Here’s What You Should Know 7 hours ago | www.reddit.com
apple cybersecurity iphone problem +1
Thoughts on forcing users to see aliases instead of emails in Microsoft? 7 hours ago | www.reddit.com
address alias cybersecurity email +7
Change Healthcare cyberattack: 5 technical takeaways from UnitedHealth CEO’s testimony 7 hours ago | www.reddit.com
ceo change change healthcare cyberattack +6
Is it worth it? What would you do? 8 hours ago | www.reddit.com
application course cybersec cybersecurity +3
20 Security Issues Found in Xiaomi Devices 8 hours ago | www.reddit.com
cybersecurity devices found security +2
Tinyproxy HTTP Connection Headers use-after-free vulnerability 8 hours ago | www.reddit.com
cybersecurity free headers http +3
PaloAlto GlobalProtect VPN installer inside official Asus server bios zip archive 9 hours ago | www.reddit.com
archive cybersecurity doubt download +7
Lockbit's seized site comes alive to tease new police announcements 9 hours ago | www.reddit.com
announcements cybersecurity lockbit police +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

IT Security Engineer

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Privacy Engineer, Implementation Review

@ Meta | Menlo Park, CA | Seattle, WA
View on infosec-jobs.com

Cybersecurity Specialist (Security Engineering)

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com

SOC Analyst

@ Rubrik | Palo Alto
View on infosec-jobs.com

Consultant Tech Advisory H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com
View more jobs