We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Search found 90 matches
- Sun Apr 08, 2018 6:35 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 699974
Re: Got 10 VestaCP servers exploited
yous said wonderful words, but and then how i got hacked i don't have roundcube if they are not sure please don't provide the answers yet, as we're frustrated and don't tolerate 101 different answers. Things can Be controlled when you've proper source i have been hacked many times during past as tho...
- Sun Apr 08, 2018 6:28 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 699974
Re: Got 10 VestaCP servers exploited
you meant they found the roadmap of the hack will see then,
i disabled and deleted roundcube and phpmyadmin ( i usually do after installation) from my servers as i like to work with CLI and use email client app for email sendings. Still server is hacked that's bullshit reasons they are giving
i disabled and deleted roundcube and phpmyadmin ( i usually do after installation) from my servers as i like to work with CLI and use email client app for email sendings. Still server is hacked that's bullshit reasons they are giving
- Sun Apr 08, 2018 6:24 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 699974
Re: Got 10 VestaCP servers exploited
post publically when you resolved the security issue.
in order to resolve it on our server.
in order to resolve it on our server.
- Sun Apr 08, 2018 6:23 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 699974
Re: Got 10 VestaCP servers exploited
Bullshit they are not accepting they have vulnerabilities
- Sun Apr 08, 2018 6:03 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 699974
Re: Got 10 VestaCP servers exploited
Thanks for sharing this link. I cannot access Vesta GUI today on my DigialOcean servers. This DigitalOcean message saying they have blocked inbound traffic to 8083 seems to explain it (I have other servers on Vultr which still work). Once DigitalOcean re-opens the access to 8083, what is recommende...
- Sun Apr 08, 2018 5:37 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 699974
Re: Got 10 VestaCP servers exploited
so it isn't roundcube issue rather vulnerability is in vesta core files and vesta team assured security patch tomorrow. Wait for it.
- Sun Apr 08, 2018 3:20 pm
- Forum: General Discussion
- Topic: Two servers are hacked today via Vestacp
- Replies: 21
- Views: 28013
- Sun Apr 08, 2018 1:24 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 699974
Re: Got 10 VestaCP servers exploited
A bit more info: My /etc/cron.hourly/gcc.sh file was modified on 04.04.2018 16:25:00 I've analyzed the modified /var/lib/mysql/roundcube/session.ibd file, which was modified at the same time on 04.04.2018 16:24:56 In SQL dump of this "session" table from "roundcube" database I found new session at ...
- Sun Apr 08, 2018 12:53 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 699974
Re: Got 10 VestaCP servers exploited
@lukapaunovic I also strongly doubt that roundcube is involved here. if the attacker/bot checked the website he might have automatically tried the roundcube url and therefore an entry in the session table of the rc db has been made. I did not find anything in the usual webserver logfiles that gave ...
- Sun Apr 08, 2018 12:45 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 699974
Re: Got 10 VestaCP servers exploited
lol and host doesn't allowed it too.lukapaunovic wrote: ↑Sun Apr 08, 2018 12:40 pmI'm in rescue I'm not crazy to boot hacked system up lol