| ▲ | wolvoleo 18 hours ago | |||||||
One time has to be the first and when you get hacked they're instantly inside your network unless you were smart enough to set up a DMZ or something. Especially if you host something like wordpress with plugins you really have to be on the ball with updates. | ||||||||
| ▲ | superkuh 15 hours ago | parent [-] | |||||||
For 20 years this was not really an issue. From 2010 to 2020 there wasn't a single nginx cve that applied to my simple static setup. There were literally only a handful of remote CVE at all. With the advent of LLM AI exploit finding there have been 2 CVE this year that I had to look in to. Neither actually applied to me, but it is a different world out there. That said, the practice of running a modern corporate web browser that auto-executes all programs sent to it from arbitrary unknown third parties is a way, way, way bigger and more common and likely attack surface than a simple static webserver serving files in directories. | ||||||||
| ||||||||