Vesta Control Panel - Forum

n0x, if you havent so yet, you can check out this poll and fill in your infos there: Hi Everyone, We have put together a survey to help us better understand the general configuration in relation to some of the working theories. If you have suggestions to broaden the survey, please let us know. http...

just noticed, I do have some weird commands being run as 'root' when I do ps -fU admin with things like 'ifconfig eth0', 'su', 'pwd', 'cat resolv.conf', etc along with the standard Vesta admin processes (NGINX, etc). I'm not sure what that is but I don't see it on any other VM running Vesta and I d...

So the droplet was disconnected by Digital Ocean at 3:53pm today (10/04/2018), it was pushing 1 Gbps outbound at the time but looks like traffic had been spiking outbound for a number of hours prior to that. Backups on the VM run at 5 and 6am so I'm pretty sure it wasn't outbound backup traffic. My ...

Just had a message from Digital Ocean that I had an outbound DDoS originating from a clean OS install after the Saturday problems. This was a clean 0.9.8-19 install that I updated to 0.9.8-20. Looks like my clean 0.9.8-20 installation hasn't been compromised. I'll be back at a PC in half an hour and...

Really nice script and solution for remote backup storage.

Running nicely on the VM now :)

imperio wrote: ↑

Mon Apr 09, 2018 11:12 pm

Try to install again

Yep seems to be good on Ubuntu 16.04 now!

You'd need a web application firewall (WAF), or some sort of proxy to inspect all the traffic.

Probably the easiest way is to put it behind CloudFlare and use their WAF - Otherwise there are some open source options.

My vestas are 3 months old That is very strange. How the hell they exploited your server? In my case, i have three servers with Vesta, none of them was exploited. In the most important one, i did have port 8083 blocked with iptables Then i have one test server where i installed Vesta last week, and...

Did you install VestaCP recently? We are trying to know if their repo was exploited. I don't think it was the repo - I had installations that were made 3 months ago and last updated in Jan 2018 suddenly get exploited around mid-day on Saturday 7th April. This is almost definitely a vulnerability wi...

Yep, DigitalOcean blocked port 8083 across all zones. Change the port by following: https://forum.vestacp.com/viewtopic.php?f=10&t=16585&p=68940&hilit=8383#p68940 Then you can access on the new port with no issues (also make sure you update to 0.9.8-20 before changing the port), you can do that with...