SQL Injection Attempt2022-01-26 14:50:35
It's been an exciting morning indeed. I woke up to 1400+ emails from my email service saying I had 1400 new adds to one of my mailing lists! The bad news is, these 1400 new adds came within 2 minutes of eachother.
Yes indeed, one of my sites was nearly the victim of a SQL injection attack. Now this site in particular was especially bare bones, with no connection to a database, and no IP screening. Essentially I had set up a landing page with a form input that sends me an email. I didn't anticipate any traffic to this site, and so you can imagine my surprise when I woke up! Since then I have screened all the attempts and found nothing that would cause an issue (specifically as the site had no database to attack), and closed the forms on the site. The only negative impact of this attack is the $1 fee generated by my email provider for the 1400 emails. I'm going to chalk that $1 fee as a learning cost, teaching me that I should never leave a form open without security measures on a site, even if it does nothing.