My Nginx server error logs are flooded with requests like these:
2017/02/26 00:47:01 [error] 19158#19158: *2329634 access forbidden by rule, client: 2001:41d0:51:1::1510, server: status301.net, request: "HEAD /wp-content/plugins/wp-defender/vault/sample.bak HTTP/1.1", host: "bethhamidrash.org", referrer: "http://bethhamidrash.org/wp-content/plugins/wp-defender/vault/sample.bak"
(in this case, the host is a mapped domain)
These request seem to occur about once per second. Is that really necessary for security monitoring?