ihaveskittles

I'm having the same issue. I updated the docker and my reverse proxy stopped working. I wished this worked for me, but it didn't. Any other ideas?

Thanks for the replies. They were most helpful. For the curious, I know how my server became vulnerable. About three weeks ago I had a major network issue (it completely broke) and long story short I ended up removing my firewall (Ubiquiti USG), because it stopped working. I saw this as an opportunity to install pfSense onto my server as a VM. However, life, work, and health kept me from completing this in a timely manner. Now four days ago I got my server back online (was offline) in preparation to install pfSense, in the hope of upcoming free time, and yesterday is when my server was breached. Apparently, I never turned the firewall from my ISP modem back on. To conclude, the rest of my devices on my network are fine, the network is secure again, IP address changed, and looking forward to combing through my server, connecting it back to the network and installing pfSense.

Found a similar post. Diagnostic was requested. server-diagnostics-20210318-0021.zip

Good to know, but please see my edited post. I posted by mistake before finishing the post.

An unknown docker container named "modest_ardinghelli" was installed and pinned my server. I believe it was mining. I'm obviously concerned with how it got there. My server is not open to the internet. Any tips on how to secure things and prevent this from happening again would be appreciated. Attached is the log I pulled from the docker. unknown docker log.txt