Or, more specifically, does running Apache (using my primary computer as a webserver) leave me MORE vulnerable to hacking than I would be anyway?
Here’s a sample of the sort of things I see in my Apache access logs:
Most of these suspect queries involve WinNT, which I am not. (I have ME.) I am wondering if running the Apache server, in and of itself, leaves me open to these attempts, or if I’m open to them at all times, and only when I’m running Apache do I get the benefit of seeing a log of attempts?
Thanks, I’ll take my answer off the air. (In other words, if anyone is so kind as to reply, I thank you in advance and won’t post again unless I have something of value to add.)
To expand a little, running any service on your machine opens you up to the possibility that said service can be compromised. No program is 100% secure, and Apache is no exception.
Opening any port on your PC that would normally be closed or blocked by a firewall means that, in theory, you are less secure than not having it open.
However, Apache is one of the most secure servers made, so long as it is set up properly.
The things you are seeing in your logs are the sorts of virus/worm attacks Apache owners see every day - or in my case, every few minutes. One thing I did that got rid of a lot of them was to ban an enormous number of IP addresses, especially those in my subnet.
I have gigabytes of logs in which I can find tens of thousands of access attempts, flood attempts, spoofing and other tricks, probing, etc. None of them have succeeded. My server has transferred a bit more than 100 GB of data without a security breach. And thankfully, all of the trolls who really hate my community that have tried repeatedly to access my site and destroy it are really pretty stupid, uneducated people.
Just to add to what everyone else has said: those crack attempts, which look to be IIS cracks, all failed. Apache returned a 404 (File Not Found) error on them.
Apache is pretty secure and as long as you keep an eye out for security updates you’ll be fine.