Curious about a response in the logs I’m seeing.
Surprise, surprise, surprise (NOT) I’m seeing my endpoint hit with a ton of bogus URLs probing various known endpoints (solr admin, wp admin, etc.).
My (very simple) Go Gin api service responds with 404s across the board, except for this:
2021-05-14T07:53:46.006Z app[b15f517f] iad [info] [GIN] 2021/05/14 - 07:53:46 | 404 | 1.402µs | 188.8.131.52 | POST “/HNAP1/”
2021-05-14T07:53:51.394Z proxy[b15f517f] fra [error] error.code=1 error.message=“Undocumented” request.method=“POST” request.url="/HNAP1/" request.id=“01F5MXVSFVD4PX5NJK94CXT9NX” response.status=502
The /HNAP1/ thing is trying to hack some brands of internet router.
Important note: the /HNAP1/ endpoint is not handled by my app, and so should just give a 404 like everything else.
I’m using caddy in my container to be a reverse proxy, but if I run the container on my local machine, I just get a 404. So I’m guessing the proxy line here is, perhaps, something that fly.io is doing?
Thanks for any clues!