Pentarou
Basic Pleskian
Hi everyone,
As I review my Plesk logs, I am increasingly concerned about the security of my server. I have updated Plesk to the latest version, enabled MFA, and utilize a private key for SSH login. Additionally, I employ an external firewall and have ensured that services such as the database cannot be accessed from outside sources.
However, my logs are increasingly displaying suspicious entries, such as instances where my database username is being used to log in to the mail server. I'm unsure where this information was obtained. Furthermore, I have observed entries like the one below, which correspond to a domain that I have not registered or associated with.
There are many more strange logs that indicates an attack, should I be worried?
As I review my Plesk logs, I am increasingly concerned about the security of my server. I have updated Plesk to the latest version, enabled MFA, and utilize a private key for SSH login. Additionally, I employ an external firewall and have ensured that services such as the database cannot be accessed from outside sources.
However, my logs are increasingly displaying suspicious entries, such as instances where my database username is being used to log in to the mail server. I'm unsure where this information was obtained. Furthermore, I have observed entries like the one below, which correspond to a domain that I have not registered or associated with.
2024-05-10 07:12:53 | WARNING | postfix/smtpd [3861286] | warning: hostname documents-elope.maximumglitter.com does not resolve to address 193.37.41.104 |
There are many more strange logs that indicates an attack, should I be worried?