In my nginx logs I get a lot of 404s from a number of IP addresses looking for a /.env file. I assume they are looking for some kind of vulnerability. I was just wondering what that vulnerability is. Why do so many people hope to find a /.env file on my webserver?
Here is an example from my log file:
20.51.221.198 - - [20/Nov/2021:17:37:59 +0000] "GET /.env HTTP/1.1" 404 134 "-" "Anarchy99"
They are searching for secrets like tokens, passwords and similar. When working with Docker you can create a .env file to hold your environment variables in. If you do something wrong, you may end up sharing this file with the whole world, which is something the crawlers hope for.
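As an added example (not part of the original question or answer): a Python script that scans nginx combined-format access logs for .env requests and separates 404 probes from 2xx responses, where the file was actually served and its secrets should be treated as leaked. The function name `scan` is hypothetical, and every sample line except the one quoted in the question is constructed.

```python
import re
from collections import defaultdict

# nginx "combined" format: ip - user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\d+|-) '
    r'"[^"]*" "(?P<agent>[^"]*)"'
)
# Matches /.env, /app/.env, /.env.bak, /.env.production; not /.environment
ENV_RE = re.compile(r'(^|/)\.env(\.[\w.-]+)?$', re.IGNORECASE)


def scan(lines):
    """Return (probes, exposed): probe count per IP, and requests that got a 2xx."""
    probes, exposed = defaultdict(int), []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        path = m["path"].split("?", 1)[0]  # ignore any query string
        if not ENV_RE.search(path):
            continue
        probes[m["ip"]] += 1
        # A 2xx status means the server returned the file to the client.
        if m["status"].startswith("2"):
            size = 0 if m["size"] == "-" else int(m["size"])
            exposed.append((m["ip"], m["time"], path, size))
    return dict(probes), exposed


# First line is the one from the question; the others are constructed
# and use documentation-range IP addresses.
SAMPLE = [
    '20.51.221.198 - - [20/Nov/2021:17:37:59 +0000] "GET /.env HTTP/1.1" 404 134 "-" "Anarchy99"',
    '203.0.113.7 - - [20/Nov/2021:17:40:12 +0000] "GET /app/.env.bak HTTP/1.1" 200 512 "-" "curl/7.68.0"',
    '203.0.113.7 - - [20/Nov/2021:17:40:13 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "curl/7.68.0"',
    '198.51.100.9 - - [20/Nov/2021:17:41:02 +0000] "GET /.environment HTTP/1.1" 404 134 "-" "-"',
]

if __name__ == "__main__":
    probes, exposed = scan(SAMPLE)
    for ip, count in probes.items():
        print(f"probe: {ip} requested a .env path {count} time(s)")
    for ip, when, path, size in exposed:
        print(f"EXPOSED: {path} served to {ip} at {when} ({size} bytes): rotate its secrets")
```

A 404 line like the one in the question only shows that the file was not there; any entry in the exposed list is the case that needs follow-up.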