I use the same technique in the real world if there is a fairly easy way to spoof it I would like to know how. Several I did for work are behind a fairly secure firewall for internal use only (which means thousands could access it) but still somewhat sensitive data that I would like to keep secure. I also use it on a home machine exposed to the internet (http/ssh). It has been up for years without a problem, but I used to get up to hundreds ssh hack attempts on a bad day (mostly Chinese), down to a couple nowadays.

I could change scripting lang and db server type but most likely wouldn’t be more secure. Frankly for me I am in more danger of somebody walking out of my apartment with my servers.