DjW0mbat

Yeah I already installed it to make sure the original issue had been resolved, looks like there are only a few minor (non-network-related) tweaks remaining

Thanks so so much for this, that is SUCH a relief! Fingers have been well and truly burned haha, I will be sure to take much more care moving forward...

Thanks so much for your help and your time @JonathanM and @trurl, do you think it looks like someone ended up gaining access to my server? It sounds like if they had my files would have been far more corrupted? It would give me great peace of mind if you could tell me that. Thanks again for all the help!

Okay, and how could I access the go file? I'm looking through things in the safe mode GUI and it seems that everything is relatively normal. Does this mean that I wasn't hacked? I have some sensitive data on there so I would really like to be able to see if that was accessed/copied. I also still can't seem to access the server through it's fixed IP which is worrying me, what could that mean? Sorry for all the questions, this has made me really anxious! Lesson well and truly learned...

Yeah I did I’ve currently taken the Ethernet cable out to avoid any further issues, I booted into the gui directly, hoping to see if I can figure out what happened from there, where should I look for evidence of hacking?

I just checked and found that the server seems to have been in the DMZ... really really concerning I think I put it in there early on and forgot to remove it, completely stupid thing to do!! I have a strong root password, how long would it have taken for my server to get compromised? I really need to be able to see which data would have been accessed etc. Tried turning on the server but I can't seem to access it locally anymore. What's going on?

Thanks @ChatNoir, I don't see anything in the above post that seems to be a clear deficiency, but I have created a new thread in the security forum, hoping someone will be able to point me in the right direction. Thanks for flagging this!

Hi all! I started a completely different question relating to my access to my Plex media and the apparent disappearance of the port mapping in my docker here, but someone pointed out a bunch of dodgy activity going on, with spammed connections coming in from worrying locations. I have shut the server down since and am desperately trying to figure out what went wrong. Does anyone know (i) if I might have already been compromised somehow, and/or (ii) what mistakes I have made here? There should only be two open ports on my router, 51820 for WireGuard and 32400 for Plex. I also have the cloud flare dyndns docker that tracks my IP address and is liked to my cloudlfare to point to my domain, but I have not managed to get that working yet. I would really appreciate any help on this, obviously it's quite a stressful thing to see. Thanks in advance! mackiemedia-diagnostics-20210818-0932 2.zip

Oh wow this is super worrying! I have immediately shut the server down. Is there anything in my diagnostics that could point to the problem? There are only two points that are open on my router, 82100 for WireGuard and 32400 for Plex. I also have a DynDns docker that tracks my IP address and that is liked to my cloudlfare to point to my domain, could any of these be the issue? Other than that I can’t think how the server would be accessible from the internet! Really concerning, is there any evidence of anyone having gotten in? Thanks in advance!

Apologies! My situation is the former, I am running binhex's Plex docker on my unraid server and all of a sudden I cannot access any of the content on my Unraid server through either the webui or other devices connected to my plex account (this was previously working well for around a month or so). Please let me know if you need to give any further clarifications, I really appreciate your responsiveness

Hi everyone, I'm still relatively new to unraid and have had this issue for the last 24 hours, been looking for answers non stop but can't seem to find a solution. Plex cannot seem to connect to my server and I have no idea why, does anyone know? Thanks in advance! mackiemedia-diagnostics-20210818-0932.zip

Did you end up finding a solution to this? I have the same motherboard and want to save my GPU for a gaming VM/hardware transcoding.