I generated 16 character (upper/lower) subdomain and set up a virtual host for it in Apache, and within an hour was seeing vulnerability scans.
How are folks digging this up? What’s the strategy to avoid this?
I am serving it all with a single wildcard SSL cert, if that’s relevant.
Thanks
Edit:
- I am using a single wildcard cert, with no subdomains attached/embedded/however those work
- I don’t have any subdomains registered with DNS.
- I attempted dig axfr example.com @ns1.example.com returned zone transfer DENIED
Edit 2: I’m left wondering, is there an apache endpoint that returns all configured virtual hosts?
Edit 3: I’m going to go through this hardening guide and try against with a new random subdomain https://www.tecmint.com/apache-security-tips/
I don’t think so? I have a letsencrypt wildcard cert, and reference that in the relevant .conf
deleted by creator
Even with a wildcard cert?
Yeah I’m not sure about that so I deleted the comment. But just try it out: install it and see what it shows you, and then work from that.
@BonkTheAnnoyed@lemmy.blahaj.zone mmm wait your logs show the new domains being targeted specifically?
Yep. They show up in the other_hosts…log