Go to advanced search

by raspi-owner
Fri Nov 03, 2017 7:33 pm
Forum: Beginners
Topic: web server with vpn ??
Replies: 1
Views: 642

web server with vpn ??

Hi, i want some info about this:

1) Does a vpn work with a webserver ? and if so,can it work with no-ip ?

2) Does the vpn change my public ip or my LAN ip ?

3) Does a vpn add security to the webserver ?

thank's :)
by raspi-owner
Mon Oct 16, 2017 8:53 pm
Forum: Beginners
Topic: can a hacker guess folder name ??
Replies: 1
Views: 317

can a hacker guess folder name ??

Hi, i have a folder with the name: host_2 and in my logs i found that someone could get the name of my folder and got access to my wordpress website from there with the "GET" methode..so how did he do that ?? and can he access my data base and everything (becuase i didn't make wordpress secure)
by raspi-owner
Fri Oct 13, 2017 3:29 pm
Forum: Beginners
Topic: is mod_security working correctly ??
Replies: 1
Views: 574

Re: is mod_security working correctly ??

can anyone help ??
by raspi-owner
Thu Oct 12, 2017 6:17 pm
Forum: Beginners
Topic: is mod_security working correctly ??
Replies: 1
Views: 574

is mod_security working correctly ??

here is what i get in the logs: Message: Warning. Matched phrase "WPScan" at REQUEST_HEADERS:User-Agent. [file "/usr/share/modsecurity-crs/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "59"] [id "913100"] [rev "2"] [msg "Found User-Agent associated with security scanner"] [data "Matched Data: WPS...
by raspi-owner
Wed Oct 11, 2017 2:21 pm
Forum: Beginners
Topic: what is this in my access.log ??
Replies: 6
Views: 3450

Re: what is this in my access.log ??

SurferTim wrote:
Wed Oct 11, 2017 2:16 pm
A 200 is a success. No apparent security problem there. The client was sending a POST request instead of a GET for your home page.
thank's, i thought that i was hacked after all security and tests that i have made..have a nice day :)
by raspi-owner
Wed Oct 11, 2017 2:13 pm
Forum: Beginners
Topic: what is this in my access.log ??
Replies: 6
Views: 3450

Re: what is this in my access.log ??

The first set you posted were requesting your home page (GET / HTTP1.1). 51.15.58.234 - - [10/Oct/2017:14:17:35 +0200] "GET / HTTP/1.1" 200 376 The next set were requesting your php or cgi setup pages if you were ignorant enough to have them installed. The requests for them failed. 209.66.128.2 - -...
by raspi-owner
Wed Oct 11, 2017 1:54 pm
Forum: Beginners
Topic: what is this in my access.log ??
Replies: 6
Views: 3450

Re: what is this in my access.log ??

SurferTim wrote:
Wed Oct 11, 2017 1:49 pm
I'm not saying they didn't hack you, but those all that would be important or vulnerable look like fails (error 404).
thanks, but i dont understand why they get the "200" aka "ok" message in some of them ??
by raspi-owner
Wed Oct 11, 2017 1:39 pm
Forum: Beginners
Topic: what is this in my access.log ??
Replies: 6
Views: 3450

what is this in my access.log ??

51.15.58.234 - - [10/Oct/2017:14:16:47 +0200] "GET / HTTP/1.1" 200 432 "-" "Wget/1.16 (linux-gnu)" 51.15.58.234 - - [10/Oct/2017:14:17:35 +0200] "HEAD / HTTP/1.1" 200 374 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.6 (KHTML, like Gecko) Chrome/20.0.1092.0 Safari/536.6" 51.15.58.234 - -...
by raspi-owner
Fri Sep 29, 2017 6:33 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 1875

Re: someone puted a file on my server !!

after some research i found that it's not a big deal and that hacker is runnig some kind of proxy server that search for other servers to put in that kind of file,so i guess i must make mine more secure to prevent similar hacks.
by raspi-owner
Fri Sep 29, 2017 6:26 pm
Forum: Beginners
Topic: trying to install apache with "sudo apt-get install apache2 -y" failed
Replies: 16
Views: 5492

Re: trying to install apache with "sudo apt-get install apache2 -y" failed

maybe you must do a "sudo apt-get update" and "sudo apt-get upgrade" than restart installing apache2.

edit: yeah as you said.
by raspi-owner
Thu Sep 28, 2017 3:25 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 1875

Re: someone puted a file on my server !!

is it because fail2ban start ssh and apache no script jails only ??
by raspi-owner
Thu Sep 28, 2017 3:23 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 1875

Re: someone puted a file on my server !!

ShiftPlusOne wrote:
Thu Sep 28, 2017 3:22 pm
Was it a strong password? I think it's important to figure out what happened here.
yep it was and i have wordpress (in another folder) with some plugins
by raspi-owner
Thu Sep 28, 2017 3:05 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 1875

Re: someone puted a file on my server !!

did you leave the rpi open to the internet with user pi / default password? no,not at all.. i created a new username with a new password and deleted the pi user plus i have found that this guy have had the same problem as me : https://www.digitalocean.com/community/questions/apache-error-wp-login-p...
by raspi-owner
Thu Sep 28, 2017 2:29 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 1875

Re: someone puted a file on my server !!

do you recommand me to restart everything from zero because i checked for apache no script and it seem working ??
by raspi-owner
Thu Sep 28, 2017 2:23 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 1875

Re: someone puted a file on my server !!

Martin Frezman wrote:
Thu Sep 28, 2017 2:15 pm
in the log of fail2ban it show the ip of the hacker
I don't see that in any of the OP's posts (i.e., you are the first to post it).

Have you been in PM with OP (so you know things about the case that are not in the thread) ?
didn't understand what you mean (sorry) can you explain ??
by raspi-owner
Thu Sep 28, 2017 2:19 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 1875

Re: someone puted a file on my server !!

Have you somehow disabled [apache-noscript] port = http,https logpath = %(apache_error_log)s in fail2ban, because that jail should catch tests for non-existent php scripts and block the remote user? Are you running fail2ban 0.9.6-2 or an earlier version? testproxy.php has been a hack attempt for ab...
by raspi-owner
Thu Sep 28, 2017 2:11 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 1875

Re: someone puted a file on my server !!

Isn't it more likely that there is no problem here at all? Modern software tends to create all kinds of temporary files, with sometimes somewhat suspicious names, all the time. We've come to accept it. They can't possibly document all the various files and temporary files that they create. You just...
by raspi-owner
Thu Sep 28, 2017 2:05 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 1875

Re: someone puted a file on my server !!

1) remove port forwarding on your router 2) shut down the RPI 3) download a new version of raspbian and put it on a new SDcard 4) add a new user and disable the user pi 5) create a new version on your RPi server machine 6) recover any files off your old sdcard not exectuables . did you leave the rp...
by raspi-owner
Thu Sep 28, 2017 1:53 pm
Forum: Beginners
Topic: someone puted a file on my server !!
Replies: 17
Views: 1875

someone puted a file on my server !!

hi, i have recently got a random php file: "testproxy.php" on my server..how can someone hack into my folder and put it there,please help !!
by raspi-owner
Mon Aug 28, 2017 12:42 am
Forum: Networking and servers
Topic: port forwarding or dmz ??
Replies: 6
Views: 3277

Re: port forwarding or dmz ??

will do my best to learn more about all this stuff..thank's for the answers.
by raspi-owner
Sun Aug 27, 2017 10:15 pm
Forum: Networking and servers
Topic: port forwarding or dmz ??
Replies: 6
Views: 3277

Re: port forwarding or dmz ??

No they won't if you apply some sensible security controls. https://www.raspberrypi.org/documentation/configuration/security.md i did almost everything in that tutorial expect ssh key login and customizing the ufw..plus my fail2ban jail.local doesn't match with the one in the website (i have sshd i...
by raspi-owner
Sun Aug 27, 2017 8:49 pm
Forum: Networking and servers
Topic: port forwarding or dmz ??
Replies: 6
Views: 3277

Re: port forwarding or dmz ??

Port forward and firewall is ALWAYS the better choice. If you put any machine in a DMZ that opens ALL ports, your firewall rules need to be much more robust as you're relying on them to keep the baddies out. but what if i got hacked with port forwarding...the hacker will be able to see the other de...
by raspi-owner
Sun Aug 27, 2017 7:17 pm
Forum: Networking and servers
Topic: port forwarding or dmz ??
Replies: 6
Views: 3277

port forwarding or dmz ??

Hi, i want to make sure that i choose the correct one before starting my web server on the pi, so: 1)The port forwarding is more secure as said on many forums "BUT" if a hacker could do his job than all my local connection is in danger 2) The DMZ is less secure "BUT" i'm only going to open port 80 a...
by raspi-owner
Sat Aug 26, 2017 4:05 pm
Forum: Français
Topic: Probleme installation serveur web
Replies: 3
Views: 881

Re: Probleme installation serveur web

D'après ce que j'ai lit stretch support uniquement php7
by raspi-owner
Fri Aug 25, 2017 9:43 pm
Forum: Troubleshooting
Topic: python script dont want to work
Replies: 24
Views: 3095

Re: python script dont want to work

nevermind,now i start the script manually in background and stop it before shutting down..it still not what i wanted to do but it's doing the job until i find a good solution,thank's everyone for giving a lot of advices and explanations ;)

Go to advanced search