
Large-scale attack tries to steal configuration files from WordPress sites - LinuxBender
https://www.zdnet.com/article/large-scale-attack-tries-to-steal-configuration-files-from-wordpress-sites/
======
OrangeMango
It's not just WordPress config they're after. My logs are filled with
thousands of 404s for hundreds of different paths all containing a file called
".env"

I don't even have PHP installed, so I have Nginx set to 444 on anything with
php in the name. I suppose I should add env to the list, but seriously a $5 DO
droplet handles this without much effort.

