Error in log from external (outside my LAN) IP addresses

[theone]

 

I am getting random "errors" and "crit" in log file related to external (outside my LAN) IP addresses.

Does anyone know where this is coming from? What the source of the problem is?

 

May 19 01:47:28 Tower nginx: 2021/05/19 01:47:28 [error] 18420#18420: *6209 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 97.74.229.113, server: , request: "GET /admin//config.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "213.57.157.27"
May 19 08:04:08 Tower root: error: /GponForm/diag_Form?style/: missing csrf_token
May 19 09:20:09 Tower root: error: /api/jsonws/invoke: missing csrf_token
May 19 09:20:10 Tower nginx: 2021/05/19 09:20:10 [error] 18420#18420: *74816 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 45.155.205.109, server: , request: "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "213.57.157.27:443"
May 19 09:20:11 Tower nginx: 2021/05/19 09:20:11 [error] 18420#18420: *74827 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 45.155.205.109, server: , request: "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "213.57.157.27:443"
May 19 09:20:14 Tower nginx: 2021/05/19 09:20:14 [error] 18420#18420: *74837 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 45.155.205.109, server: , request: "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "213.57.157.27:443"
May 19 13:38:40 Tower nginx: 2021/05/19 13:38:40 [crit] 18420#18420: *119537 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client: 192.241.221.40, server: 0.0.0.0:443
May 19 15:54:03 Tower nginx: 2021/05/19 15:54:03 [crit] 18420#18420: *143184 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client: 23.129.64.253, server: 0.0.0.0:443
May 19 16:07:43 Tower nginx: 2021/05/19 16:07:43 [error] 18420#18420: *145629 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 97.74.229.113, server: , request: "GET /admin//config.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "213.57.157.27"

 

In between there are also the following lines - What do they mean:

May 19 08:04:08 Tower root: error: /GponForm/diag_Form?style/: missing csrf_token
May 19 09:20:09 Tower root: error: /api/jsonws/invoke: missing csrf_token

 

Is someone trying to hack my server?

 

[itimpi]

Is your server directly exposed to the internet or been put into your routers DMZ?    UnRaid is not hardened enough against attacks to make this safe.

 

the csrf token messages are saying that a web request has been made that do not include a valid UnRaid security token.