I run a search engine. It is big enough that it needs drives, caches, firewalls, VMs etc.
The front end is php. No classes, no phpadmin, etc. Just pure vanilla php.
Sometimes I tail /var access logs. People try all kinds of urls routinely fishing for weaknesses.
It's 2017. It is slow to code and keep the attack surface that minimal.
0 intrusions so far.
I run a search engine. It is big enough that it needs drives, caches, firewalls, VMs etc.
The front end is php. No classes, no phpadmin, etc. Just pure vanilla php.
Sometimes I tail /var access logs. People try all kinds of urls routinely fishing for weaknesses.
It's 2017. It is slow to code and keep the attack surface that minimal.
0 intrusions so far.