

6·
2 months agoA very effective first step is to put it on a vhost with a domain you control, and drop traffic to the default vhost. 99.999% of scanners are just going through IPs looking for stuff, so don’t give them anything. Better yet, block any IP that scans you more than a dozen or so times.
Obviously some stuff will find you through cert issuance logs, but most of the bastards don’t bother with that level of sophistication.
There’s probably a bunch of permissions errors, filesystems warnings for cross-filesystem mounts or links, etc. all going to stderr. Linux output streams are a bit odd, 1 is stdout and 2 is stderr. So the command is redirecting the “noise” to null and just printing the actual command output. That would be my assessment, but OP could probably give a more correct answer…!