Jump to content
Fiservedpi

Repeated Access Attempts from Unknown IP

8 posts in this topic Last Reply

Recommended Posts

i was looking at my logs today and noticed about 50 login attempts from 213.160.9.138 which is not any of my known IP address's they tried many usernames from the usual to not so usual luckily t hey didn't get in but how can i prevent this.

 

Mar 13 04:40:24 Tower nginx: 2019/03/13 04:40:24 [error] 8807#8807: *188269 user "admin" was not found in "/etc/nginx/htpasswd", client: 213.160.9.138, server: , request: "GET /Main HTTP/1.1", host: "", referrer: ""
Mar 13 04:40:25 Tower nginx: 2019/03/13 04:40:25 [error] 8807#8807: *188273 user "admin" was not found in "/etc/nginx/htpasswd", client: 213.160.9.138, server: , request: "GET /Main HTTP/1.1", host: "", referrer: ""
Mar 13 04:40:26 Tower nginx: 2019/03/13 04:40:26 [error] 8807#8807: *188273 user "admin" was not found in "/etc/nginx/htpasswd", client: 213.160.9.138, server: , request: "GET /Main HTTP/1.1", host: "", referrer: "

 

Share this post


Link to post

Don't put your server direct on the internet! I don't get it why people thinking it's an good idea to have Unraid facing directly to the internet. 

  • Upvote 1

Share this post


Link to post

OK ill look into taking it down i don't really need to access unraid dash just my containers

Share this post


Link to post

Think about accessing your home network via a VPN first. Kinda easy to setup a VPN on your router or with an Open VPN docker. 

Share this post


Link to post

you may want to take unraid away from the internet asap, and instead run a docker reverse proxy and restrict the ports; or openvpn docker - it is the easier way I guess

Share this post


Link to post
Posted (edited)

Run your dockers in br0 and give them from unraid seperate ip addresses, so you can redirect just the ports needed to access the dockers to the specific dockers.

 

btw thats a static german ip adress... r u from germany?

Edited by nuhll

Share this post


Link to post

thanks everyone for the inputs ive since removed my dash from the WWW and just use it internally 

Share this post


Link to post
Posted (edited)

U should really dont forward ANY ports to unraid (!)

 

Its not hardend for beeing open to internet.

 

If you need to access something from outside, use br0 with its own ip adress (and forward only the specific port(s)).

 

e.g.

With br0 u can do

Unraid 192.168.0.2 (no port forwearding,. not accessable from outside)

Plex Server 192.168.0.10 (only forward the ports needed for plex to this ip)

Edited by nuhll

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now