We highly recommend you stay up to date for the latest security fixes.
This looks more like a cacheing issue though. You can try running a rebuild and restart, that should reset the cache buster.
at SendStream.error (/home/user/nodebb/node_modules/express/node_modules/serve-static/node_modules/send/index.js:245:17)
16/5 00:43  - [31merror[39m: /wp-login.php
no such path. They still have things like this in the logs.
@pikshub that would be a bot scanning your site for the wordpress login page, hoping to find a vulnerable wp install it can infect with malware.
they're pretty common, and annoying, but unless you are also running wordpress, or they seem to be causing problems for your site, i'd ignore them as noise in the log files.
@accalia It would be fun to build a plugin that listens on those routes, just to jerk these bots around
How do I prevent this?
The bots or the log messages?
@pikshub the bots?
not much you can do to prevent them.
like i said, unless they are causing performance problems for your site, ignore them. they're trying to hack software you aren't even running, so they've got no chance of success there.
@accalia Thanks for feedback