I've seen this spike through a few servers.
If you run joomla, wordpress, etc... don't forget - being security conscious isn't a bad thing. Get config files out of the root, keep stuff below eye-level. It seems basic but so many forget to do it.
Joomla and Co should really be pushing this sorta change though. Security updates there have been limited in the last few months.