Tekniquelly correctNov 22

Another new Let's Encrypt-secured website, another case of getting 82 hacking attempts in the first 30 seconds after it came online for the first time ever.

Do. Not. Kid. Yourself. "Oh, I'll delete the config files once I get it working." "Eh, I'm just some nobody. Who's going to care?" Yeah, I'll tell you who: people who watch for new sites come online and then immediately slam them with hacking probes.

"I'll get to it soon" means you better do it within 3 seconds.

https://honeypot.net/2024/05/16/i-am-not.html

Honeypot.net

I am not exaggerating this: I created a new hostname in DNS, …

Show threadeska Nov 22

@tek I don't understand the point of your statement.

do you advocate for LetsEncrypt? Are you against it? Do you recommend any action in particular?
I am kind of a profane on this topic,,

Show threadMica 
@ankhZero @tek when you get a let's encrypt certificate, the associated domain names are published in a certificate transparency log. the original post is saying that attackers are monitoring those and trying to exploit newly set up servers before they're hardened
Nov 22 at 3:38pmWeb
Show threadTekniquelly correctNov 22
@mica @ankhZero Yep, that’s right. Let’s Encrypt is a fantastic service which I’ve donated money to. They’re making the Internet better. However, there are some annoying side effects inherent in the whole system, not because Let’s Encrypt did anything wrong, but because if you take the good, the bad is kind of unavoidable.