Go to advanced search

by raspi-owner
Sun Dec 22, 2019 1:34 am
Forum: Beginners
Topic: Is it dangerous to leave the pi connected to the internet ??
Replies: 11
Views: 831

Re: Is it dangerous to leave the pi connected to the internet ??

DougieLawson wrote:
Sun Dec 22, 2019 12:59 am
You must change the password. Userid=pi with password=raspberry is known universally.
Ok, i got it thank's
by raspi-owner
Sun Dec 22, 2019 12:08 am
Forum: Beginners
Topic: Is it dangerous to leave the pi connected to the internet ??
Replies: 11
Views: 831

Re: Is it dangerous to leave the pi connected to the internet ??

Ok, so what about ssh it self, do i need to change the username and password even for home use, and after enabling it do i need to change it's conf file to strict the connection to my ip only or leave it as it is ??
by raspi-owner
Sat Dec 21, 2019 11:47 pm
Forum: Beginners
Topic: Is it dangerous to leave the pi connected to the internet ??
Replies: 11
Views: 831

Is it dangerous to leave the pi connected to the internet ??

Hi, i have a raspberry pi 3 b and i want to leave it connected to the internet for my needs, but i keep finding in forums that it's dangerous to do that since hackers can get access to it. Here is what i want to do : 1) leave the pi connected as i said earlier. 2) connect to it via ssh, only at home...
by raspi-owner
Fri Nov 03, 2017 7:33 pm
Forum: Beginners
Topic: web server with vpn ??
Replies: 1
Views: 766

web server with vpn ??

Hi, i want some info about this:

1) Does a vpn work with a webserver ? and if so,can it work with no-ip ?

2) Does the vpn change my public ip or my LAN ip ?

3) Does a vpn add security to the webserver ?

thank's :)
by raspi-owner
Mon Oct 16, 2017 8:53 pm
Forum: Beginners
Topic: can a hacker guess folder name ??
Replies: 1
Views: 352

can a hacker guess folder name ??

Hi, i have a folder with the name: host_2 and in my logs i found that someone could get the name of my folder and got access to my wordpress website from there with the "GET" methode..so how did he do that ?? and can he access my data base and everything (becuase i didn't make wordpress secure)
by raspi-owner
Fri Oct 13, 2017 3:29 pm
Forum: Beginners
Topic: is mod_security working correctly ??
Replies: 1
Views: 656

Re: is mod_security working correctly ??

can anyone help ??
by raspi-owner
Thu Oct 12, 2017 6:17 pm
Forum: Beginners
Topic: is mod_security working correctly ??
Replies: 1
Views: 656

is mod_security working correctly ??

here is what i get in the logs: Message: Warning. Matched phrase "WPScan" at REQUEST_HEADERS:User-Agent. [file "/usr/share/modsecurity-crs/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "59"] [id "913100"] [rev "2"] [msg "Found User-Agent associated with security scanner"] [data "Matched Data: WPS...
by raspi-owner
Wed Oct 11, 2017 2:21 pm
Forum: Beginners
Topic: what is this in my access.log ??
Replies: 6
Views: 3801

Re: what is this in my access.log ??

SurferTim wrote:
Wed Oct 11, 2017 2:16 pm
A 200 is a success. No apparent security problem there. The client was sending a POST request instead of a GET for your home page.
thank's, i thought that i was hacked after all security and tests that i have made..have a nice day :)
by raspi-owner
Wed Oct 11, 2017 2:13 pm
Forum: Beginners
Topic: what is this in my access.log ??
Replies: 6
Views: 3801

Re: what is this in my access.log ??

The first set you posted were requesting your home page (GET / HTTP1.1). 51.15.58.234 - - [10/Oct/2017:14:17:35 +0200] "GET / HTTP/1.1" 200 376 The next set were requesting your php or cgi setup pages if you were ignorant enough to have them installed. The requests for them failed. 209.66.128.2 - -...
by raspi-owner
Wed Oct 11, 2017 1:54 pm
Forum: Beginners
Topic: what is this in my access.log ??
Replies: 6
Views: 3801

Re: what is this in my access.log ??

SurferTim wrote:
Wed Oct 11, 2017 1:49 pm
I'm not saying they didn't hack you, but those all that would be important or vulnerable look like fails (error 404).
thanks, but i dont understand why they get the "200" aka "ok" message in some of them ??
by raspi-owner
Wed Oct 11, 2017 1:39 pm
Forum: Beginners
Topic: what is this in my access.log ??
Replies: 6
Views: 3801

what is this in my access.log ??

51.15.58.234 - - [10/Oct/2017:14:16:47 +0200] "GET / HTTP/1.1" 200 432 "-" "Wget/1.16 (linux-gnu)" 51.15.58.234 - - [10/Oct/2017:14:17:35 +0200] "HEAD / HTTP/1.1" 200 374 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.6 (KHTML, like Gecko) Chrome/20.0.1092.0 Safari/536.6" 51.15.58.234 - -...
by raspi-owner
Fri Sep 29, 2017 6:33 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 2181

Re: someone puted a file on my server !!

after some research i found that it's not a big deal and that hacker is runnig some kind of proxy server that search for other servers to put in that kind of file,so i guess i must make mine more secure to prevent similar hacks.
by raspi-owner
Fri Sep 29, 2017 6:26 pm
Forum: Beginners
Topic: trying to install apache with "sudo apt-get install apache2 -y" failed
Replies: 16
Views: 6219

Re: trying to install apache with "sudo apt-get install apache2 -y" failed

maybe you must do a "sudo apt-get update" and "sudo apt-get upgrade" than restart installing apache2.

edit: yeah as you said.
by raspi-owner
Thu Sep 28, 2017 3:25 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 2181

Re: someone puted a file on my server !!

is it because fail2ban start ssh and apache no script jails only ??
by raspi-owner
Thu Sep 28, 2017 3:23 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 2181

Re: someone puted a file on my server !!

ShiftPlusOne wrote:
Thu Sep 28, 2017 3:22 pm
Was it a strong password? I think it's important to figure out what happened here.
yep it was and i have wordpress (in another folder) with some plugins
by raspi-owner
Thu Sep 28, 2017 3:05 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 2181

Re: someone puted a file on my server !!

did you leave the rpi open to the internet with user pi / default password? no,not at all.. i created a new username with a new password and deleted the pi user plus i have found that this guy have had the same problem as me : https://www.digitalocean.com/community/questions/apache-error-wp-login-p...
by raspi-owner
Thu Sep 28, 2017 2:29 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 2181

Re: someone puted a file on my server !!

do you recommand me to restart everything from zero because i checked for apache no script and it seem working ??
by raspi-owner
Thu Sep 28, 2017 2:23 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 2181

Re: someone puted a file on my server !!

Martin Frezman wrote:
Thu Sep 28, 2017 2:15 pm
in the log of fail2ban it show the ip of the hacker
I don't see that in any of the OP's posts (i.e., you are the first to post it).

Have you been in PM with OP (so you know things about the case that are not in the thread) ?
didn't understand what you mean (sorry) can you explain ??
by raspi-owner
Thu Sep 28, 2017 2:19 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 2181

Re: someone puted a file on my server !!

Have you somehow disabled [apache-noscript] port = http,https logpath = %(apache_error_log)s in fail2ban, because that jail should catch tests for non-existent php scripts and block the remote user? Are you running fail2ban 0.9.6-2 or an earlier version? testproxy.php has been a hack attempt for ab...
by raspi-owner
Thu Sep 28, 2017 2:11 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 2181

Re: someone puted a file on my server !!

Isn't it more likely that there is no problem here at all? Modern software tends to create all kinds of temporary files, with sometimes somewhat suspicious names, all the time. We've come to accept it. They can't possibly document all the various files and temporary files that they create. You just...
by raspi-owner
Thu Sep 28, 2017 2:05 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 2181

Re: someone puted a file on my server !!

1) remove port forwarding on your router 2) shut down the RPI 3) download a new version of raspbian and put it on a new SDcard 4) add a new user and disable the user pi 5) create a new version on your RPi server machine 6) recover any files off your old sdcard not exectuables . did you leave the rp...
by raspi-owner
Thu Sep 28, 2017 1:53 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 2181

someone puted a file on my server !!

hi, i have recently got a random php file: "testproxy.php" on my server..how can someone hack into my folder and put it there,please help !!
by raspi-owner
Mon Aug 28, 2017 12:42 am
Forum: Networking and servers
Topic: port forwarding or dmz ??
Replies: 6
Views: 4194

Re: port forwarding or dmz ??

will do my best to learn more about all this stuff..thank's for the answers.
by raspi-owner
Sun Aug 27, 2017 10:15 pm
Forum: Networking and servers
Topic: port forwarding or dmz ??
Replies: 6
Views: 4194

Re: port forwarding or dmz ??

No they won't if you apply some sensible security controls. https://www.raspberrypi.org/documentation/configuration/security.md i did almost everything in that tutorial expect ssh key login and customizing the ufw..plus my fail2ban jail.local doesn't match with the one in the website (i have sshd i...
by raspi-owner
Sun Aug 27, 2017 8:49 pm
Forum: Networking and servers
Topic: port forwarding or dmz ??
Replies: 6
Views: 4194

Re: port forwarding or dmz ??

Port forward and firewall is ALWAYS the better choice. If you put any machine in a DMZ that opens ALL ports, your firewall rules need to be much more robust as you're relying on them to keep the baddies out. but what if i got hacked with port forwarding...the hacker will be able to see the other de...

Go to advanced search