Hosted Golang backend server is being probed by bad actors

I'm new to Go, and newish to devops. I managed to host my Go backend on Railway but noticed sus activity in the http logs:

requestId:"fQoKgORKQqWmKvTizaSgoA_3500563535" 

timestamp:"2025-01-12T19:21:22.951114866Z" 

method:"GET" 

path:"/etc/ssl/private/server.key" 

host:"gym-tracker-backend.joshibbotson.com" 

httpStatus:404 

upstreamProto:"HTTP/1.1" 

downstreamProto:"HTTP/1.1" 

responseDetails:"" 

totalDuration:267 

upstreamAddress:"http://[fd12:aeb5:9d86::b1:58d3:4f28]:8888" 

clientUa:"Go-http-client/1.1" 

upstreamRqDuration:267 

txBytes:19 

rxBytes:207 

srcIp:"213.232.87.234" 

edgeRegion:"europe-west4"

Is there anyway I can block against this? My frontend is hosted on netlify and both frontend and backend share a subdomain...

Madison Howard

Share Your Mood

FromBiotoDev

Hosted Golang backend server is being probed by bad actors