Jump to content

Maybe they are trying to hack me?


Recommended Posts

Today, browsing through the logging logs, I discovered this. It's normal?

 

Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.104 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.097 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.097 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.060 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.060 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.060 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.060 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.060 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.060 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.060 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.016 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.016 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.016 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.016 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.016 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.016 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.016 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.016 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.981 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.981 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.981 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.981 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.981 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.981 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.969 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.969 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.969 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.969 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.969 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.969 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.969 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.969 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.967 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"
Jul 20 21:33:04 Mod nginx: 2021/07/20 21:33:04 [error] 3790#3790: *520412 limiting requests, excess: 20.953 by zone "authlimit", client: 114.229.45.37, server: , request: "GET /login HTTP/1.1", host: "2.234.127.249"

 

Link to comment

Yes, thanks. 

 

A computer at 114.229.45.37 is trying to login to your webgui.

 

The first step is to lock the system down - if it is in your router's DMZ, remove it. If you have any ports forwarded to the server, disable them. For more details see:
  https://unraid.net/blog/unraid-server-security-best-practices

 

Then once the messages stop you can look at setting up remote access through the My Servers plugin and/or WireGuard VPN.

 

I also highly recommend installing the Fix Common Problems plugin, it will alert you if it detects any other configuration issues.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...