Reputation: 3677
I've set my Django 1.8 app to warn me when some user gets a 404 or any crash. Then I started constantly getting emails from my server pointing to requests like this one:
Referrer: <my_ip>:80/web-console/ServerInfo.jsp
Requested URL: /web-console/ServerInfo.jsp
User agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 2Pac; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
IP address: 127.0.0.1
And this one:
Referrer: <my_ip>:80/invoker/JMXInvokerServlet
Requested URL: /invoker/JMXInvokerServlet
User agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 2Pac; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
IP address: 127.0.0.1
It's a huge number of different URLs. It seems a server is shooting tons of requests at several servers trying to discover some entry point to attack. Right?
My question is: should I do something, assuming I don't even use the technologies these requests are looking for? Can this cause me any damage?
Upvotes: 1
Views: 352
Reputation: 1318
A few days ago security researchers disclosed a very critical vulnerability in Java serialization methods (details: http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/). Right after that publication, I've seen some exploitation attempts in the wild that try to exploit exactly the same vulnerability. I'm telling this story because your log shows exactly the same exploitation attempts. As long as you DON'T support JBoss or other Java technologies on your server, you will be secure against these kinds of attacks.
Upvotes: 1
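An added example, not part of either post: one way to triage 404 reports like those in the question, counting requests for paths that belong to software the site does not run and leaving everything else for review. The pattern list, the sample reports and the function names are assumptions made for illustration.

```python
import re
from collections import Counter

# Paths from the reports above; both are JBoss endpoints, unused on this site.
# The same list can be assigned to Django's IGNORABLE_404_URLS setting, which
# the broken-link e-mail middleware checks with pattern.search(path).
UNUSED_TECH_PROBES = [
    re.compile(r"^/web-console/"),
    re.compile(r"^/invoker/JMXInvokerServlet"),
]

# Constructed sample in the report format shown in the question.
SAMPLE_REPORTS = """\
Referrer: <my_ip>:80/web-console/ServerInfo.jsp
Requested URL: /web-console/ServerInfo.jsp
IP address: 127.0.0.1

Referrer: <my_ip>:80/invoker/JMXInvokerServlet
Requested URL: /invoker/JMXInvokerServlet
IP address: 127.0.0.1

Referrer: http://example.test/blog/
Requested URL: /blog/old-post/
IP address: 127.0.0.1
"""

def parse_reports(text):
    """Split blank-line separated reports into dicts keyed by field name."""
    reports = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(": ")
            if sep:
                fields[key.strip()] = value.strip()
        if "Requested URL" in fields:
            reports.append(fields)
    return reports

def triage(reports, patterns=UNUSED_TECH_PROBES):
    """Return (probe counts per path, reports that still need a human look)."""
    probes, review = Counter(), []
    for report in reports:
        path = report["Requested URL"]
        if any(p.search(path) for p in patterns):
            probes[path] += 1
        else:
            review.append(report)
    return probes, review
```

Counting the probes instead of discarding them keeps a record of scanning volume, while only the unmatched reports (here the constructed `/blog/old-post/` one) still reach a person.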