>> "they" tried to open a phpAdmin.php page
If you start logging the incoming requests, and looking through them, you'll see all kinds of malicious requests. This is nothing new, it's been going on since we got our first permanent internet connection, and we hosted our own server (on a 64K diginet line <g>).
It's nothing personal - a vulnerability is found in say PHP, or Apache, or IIS, or Wordpress ro whatever, and so a program is written to continually scan IP addresses just trying the vulnerability. There are lots, and lots, of these scripts running. Of course most of the time they fail, regardless of server, but every so often they come across a machine they're looking for, so they mark that machine for attention (and move on.)
One advantage to being a very rare server (like NetTalk) is that there's basically no point trying to target NetTalk servers in this way. The effort is the same for say IIS, and the reward millions of times higher.
>> Sql insertion is on my to-do list however.
Assuming you are using NetTalk, and Clarion file drivers (and either no prop:sql, or only very careful prop:sql) then you are immune to Sql Injection. As far as I've been able to determine Sql Injection via the Clarion drivers is not possible - because of the way the drivers work.
As an aside - although it's not really visible, there's a lot of work that goes on in NetTalk to ensure that the level of security remains as high as it can be. NetTalk servers, by different developers, have been formally tested by external testing houses and from those reports we tweak and touch until each time it passes with a 100% score.
Cheers
Bruce