Comment by colechristensen
3 years ago
Most of those "attacks" are extremely low effort full-Internet searches for easily exploited software, effectively checking if you've left your front door open. Basic security practices make a very large proportion of them entirely harmless. (things like not having default usernames and passwords, not including configuration files to be hosted directly, having authentication turned on at all, etc.)
You'll want to be basic security knowledge for whatever services you are using, but being safe from these kinds of attacks really only requires the absolute minimum.
Problem is if you don't keep on top of updates, your server very quickly goes from well secured to a low effort target. There was one instance I remember where an exploit for router software was found and published at the same time the patch came out so routers were being exploited within hours, before their users even had time to update them.