Leaderboard

This sort of traffic is basically normal for any website that's been around for more than a few weeks. It's almost entirely malicious bots that are searching for things like a vulnerable Wordpress installation to break into or configuration files with database credentials so they can steal your data. The nginx errors are usually because the server is overloaded. That's pretty normal for Johnny when server load is up. Apache restarts can also cause these. They're less of an issue on Tommy and nonexistent on Morty. We generally just advise users to block unwanted traffic like this in .htaccess if they are causing load issues, though in your case you said they're hitting nonexistent files and getting 404 errors, which cause so little load that you likely won't even see it register on the load chart. We do not have an edge firewall or similar (we can't afford one due to our funding structure), though the server itself has a software firewall that we've used in severe cases to address an account under attack. If you're would like, you can also file an abuse report with the owners of the incoming IP addresses in question. You'll need to find the company that owns the IP (pretty easy to do by googling it), then follow whatever that company provides for an abuse complaint. I've had success reporting addresses that are based in the US and EU, but you're unlikely to receive responses from hosting companies in countries like Russia and China (if they even accept abuse reports), where this sort of activity is tolerated (if not legal).

Domain added. it can take up to 2 hours to start working.

I've added those subdomains to your account for you. Please note that it may take up to 2 hours for the changes to take effect. If after a full 2 hours they don't work on your side, please make sure you clear your web browser cache: https://wiki.helionet.org/Clear_Your_Cache

I just did some research on this, and even ignoring the "Why?" aspect of this, the behavior of .phps (colorized source view) is apparently a function specifically provided by the mod_php module for apache. It's not a function of PHP itself. Since Plesk does not use the apache module, this isn't supported. Your best bet is going to be a solution like Krydos suggested: Write a PHP script that displays another script's contents. Once you have that, you can probably be creative with .htaccess rewrite rules to make calls for .phps files redirect to that script with the requested file as a parameter to emulate the behavior.

Yeah, I don't really understand why you're even doing this. Why not make a PHP file that reads the contents of another .php, and displays the contents? That seems infinitely easier, and more secure. For instance, index_source.php could show the source of index.php.