Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Blocked by ISP

Featured Replies

Hello everyone!

 

I got blocked by my isp and came to an conclusion it was the unraid server. When we turned the machine off we didnt got a message. As soon when we turned it back on the message started comming back. Any ideas?

 

VM's: N/A

Dockers: Nextcloud, MariaDB, LetsEncrypt

plugins: SSH

 

Sorry if my english is bad. it isnt my first language 🙂

 

Edited by RossEm

  • Replies 54
  • Views 6k
  • Created
  • Last Reply
  • Community Expert

Do you mean this is some sort of automated process that immediately sends you a message and blocks you when you run Unraid? Are you putting your server directly on the internet? (DON'T DO THAT!)

 

 

  • Author

What message?

Sadly I don't have a screenshot. It was a message that there were spam mails comming out of my IP. Contacted the abuse team. It was a virus they said.

 

What ISP?

KPN

 

What country?

The netherlands

 

What Details?

just said in what message

 

What Diagnostics?

Dont have any within the system

 

  • Author
1 minute ago, trurl said:

Do you mean this is some sort of automated process that immediately sends you a message and blocks you when you run Unraid? Are you putting your server directly on the internet? (DON'T DO THAT!)

 

 

the support team send a message when they get a notifacation on their systems. and what do you mean are you putting your system on the internet. I do run nextcloud?

  • Community Expert
2 minutes ago, RossEm said:

What Diagnostics?

Dont have any within the system

He gave you a link that explained how to get the diagnostics.

 

Here, I will tell you directly how.

 

Go to Tools - Diagnostics and attach the complete diagnostics zip file to your NEXT post.

  • Author
1 minute ago, trurl said:

He gave you a link that explained how to get the diagnostics.

 

Here, I will tell you directly how.

 

Go to Tools - Diagnostics and attach the complete diagnostics zip file to your NEXT post.

is it possible that i can connect to the unraid server without it on the internet. Dont want to lose my internet again

😕

Edited by RossEm

  • Community Expert

If you have a keyboard and monitor you can also work from the command line to get the diagnostics, as explained in that link already given.

  • Community Expert
2 minutes ago, RossEm said:

is it possible that i can connect to the unraid server without it on the internet. Dont want to lose it 😕

Is this a trial license? Do you know the difference between your network and the internet?

  • Author

No this is a paid version and yes my network is local and internet worldwide

 

Start the array and post a new set of diagnostics 

  • Author

i think a harddrive isnt plugged in. GUI mode isnt working either

 

30 minutes ago, RossEm said:

and what do you mean are you putting your system on the internet

He means that you've put your server into your router's DMZ or forwarded SSH ports to it for access from anywhere in the world.  The *implication* by having the SSH plugin installed is that you've done this.

 

Whether or not an OS is hardened against attacks or not, you really shouldn't do the above unless you know exactly what you're doing.  On the other hand, port forwarding for NextCloud is ok.

  • Author
3 minutes ago, Squid said:

He means that you've put your server into your router's DMZ or forwarded SSH ports to it for access from anywhere in the world.  The *implication* by having the SSH plugin installed is that you've done this.

 

Whether or not an OS is hardened against attacks or not, you really shouldn't do the above unless you know exactly what you're doing.  On the other hand, port forwarding for NextCloud is ok.

i do have portforwarded my UnRaid (port 22, port 180/80, port 1443/443) purly so i clould access al my files over the internet. Now i run nextcloud and the idea is kinda unnesessairy. And whats a DMZ?

Edited by RossEm

  • Community Expert
Just now, RossEm said:

i do have portforwarded my UnRaid. purly so i clould access al my files over the internet. Now i run nextcloud and the idea is kinda unnesessairy. And whats a DMZ?

So you have put your server on the internet. No wonder your ISP is blocking you and it's a good thing.

 

If we could have gotten system logs from you from while that was going on no doubt we would have seen IP addresses from all over the world trying to hack into your server.

 

The world is full of bots that constantly look for things to hack into and try relentlessly to do so, completely without human intervention.

  • Author

I do have an timestamp of when a message came. Is there a log save thingy?

 

Yeah well the minute you open up port 22, every single script kiddie is going to be attempting to hack you (all automated scans of every IP in the world).  You'll probably notice in your syslog thousands of attempted hacks.  Get rid of that forwarding.  You really shouldn't forward to 80 / 443 unless you're using a VPN server.

3 minutes ago, RossEm said:

I do have an timestamp of when a message came. Is there a log save thingy?

 

If your ISP has logs of your IP address sending email spam it is likely your system/a vm/a docker container was compromised and someone installed software on it. From the things you have posted so far I see nothing out of the ordinary but I can't say for sure without a set of diagnostics while the problem is happening.

 

EDIT: Unless you forwarded 25 as well and have a no authentication smtp server on the internet.

Edited by soja

  • Author

I'll send a link to the abuse team to this post. And see what say i should do. And what's wrong with opening port 443 and 80? And should i reinstall UnRaid?

 

Edited by RossEm

  • Community Expert
2 minutes ago, RossEm said:

 see what say i should do.

You should

6 minutes ago, Squid said:

Get rid of that forwarding.

 

  • Author

Should i reinstall UnRaid?

5 minutes ago, RossEm said:

I'll send a link to the abuse team to this post. And see what say i should do. And what's wrong with opening port 443 and 80? And should i reinstall UnRaid?

 

Try booting unraid with all of your docker containers turned off. Connect it to the internet and see if you get flagged again. If their abuse team can provide more information it would be helpful.

 

Information like:

Source port(25 for plain old smtp)

Abuse type(email spam, brute force, are they just flagging you for having 22 open to the internet?)

 

If you don't get flagged with your containers turned off turn them on one by one and see which one causes the issue.

Edited by soja

  • Author

those docker containers are quite nessecairy for me.

Just now, RossEm said:

those docker containers are quite nessecairy for me.

This would just be temporary for troubleshooting purposes

 

  • Community Expert

Just close the ports and see if the problem goes away

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.