Vesta Control Panel - Forum

Community Forum

Skip to content

Advanced search
  • Quick links
    • Main site
    • Github repo
    • Google Search
  • FAQ
  • Login
  • Register
  • Board index Main Section General Discussion
  • Search

/var/log/vesta/system.log FILLED with firewall commands...

General questions about VestaCP
Post Reply
  • Print view
Advanced search
2 posts • Page 1 of 1
hedgehog90
Posts: 25
Joined: Wed Sep 09, 2015 7:19 pm

/var/log/vesta/system.log FILLED with firewall commands...
  • Quote

Post by hedgehog90 » Tue Mar 17, 2020 2:46 pm

Here's a snippet from the beginning of my vesta system.log:

Code: Select all

2020-01-01 06:57:17 v-delete-firewall-ban  '49.88.112.77' 'SSH'
2020-01-01 06:57:33 v-delete-firewall-ban  '112.85.42.174' 'SSH'
2020-01-01 07:02:19 v-add-firewall-chain  'SSH'
2020-01-01 07:02:19 v-add-firewall-ban  '222.186.42.4' 'SSH'
2020-01-01 07:04:03 v-add-firewall-chain  'SSH'
2020-01-01 07:04:03 v-add-firewall-ban  '49.88.112.77' 'SSH'
2020-01-01 07:12:19 v-delete-firewall-ban  '222.186.42.4' 'SSH'
2020-01-01 07:14:04 v-delete-firewall-ban  '49.88.112.77' 'SSH'
2020-01-01 07:17:51 v-add-firewall-chain  'SSH'
2020-01-01 07:17:51 v-add-firewall-ban  '222.186.175.150' 'SSH'
2020-01-01 07:18:50 v-add-firewall-chain  'SSH'
2020-01-01 07:18:50 v-add-firewall-ban  '49.88.112.77' 'SSH'
2020-01-01 07:27:51 v-delete-firewall-ban  '222.186.175.150' 'SSH'
2020-01-01 07:28:35 v-add-firewall-chain  'SSH'
2020-01-01 07:28:35 v-add-firewall-ban  '94.21.243.204' 'SSH'
2020-01-01 07:28:51 v-delete-firewall-ban  '49.88.112.77' 'SSH'
2020-01-01 07:33:06 v-add-firewall-chain  'SSH'
2020-01-01 07:33:06 v-add-firewall-ban  '222.186.169.194' 'SSH'
2020-01-01 07:38:35 v-delete-firewall-ban  '94.21.243.204' 'SSH'
2020-01-01 07:40:09 v-add-firewall-chain  'SSH'
2020-01-01 07:40:09 v-add-firewall-ban  '222.186.175.140' 'SSH'
2020-01-01 07:43:07 v-delete-firewall-ban  '222.186.169.194' 'SSH'
2020-01-01 07:48:10 v-add-firewall-chain  'SSH'
2020-01-01 07:48:10 v-add-firewall-ban  '222.186.180.17' 'SSH'
2020-01-01 07:50:10 v-delete-firewall-ban  '222.186.175.140' 'SSH'
2020-01-01 07:51:19 v-add-firewall-chain  'SSH'
2020-01-01 07:51:19 v-add-firewall-ban  '218.92.0.172' 'SSH'
2020-01-01 07:51:26 v-add-firewall-chain  'SSH'
2020-01-01 07:51:26 v-add-firewall-ban  '94.21.243.204' 'SSH'
Look at the frequency of these logs. Now extrapolate that to today.
Is my server being attacked?

I've checked older logs going back to 2016, there are loads of these add/delete-firewall-bans, but the frequency since January this year is close to 10x more than previous years.
This isn't right, surely...
Someone please explain what is going on and recommend course of action if necessary.
Top
hedgehog90
Posts: 25
Joined: Wed Sep 09, 2015 7:19 pm

Re: /var/log/vesta/system.log FILLED with firewall commands...
  • Quote

Post by hedgehog90 » Wed Jul 01, 2020 1:14 pm

*bump*

This is still an issue. Can someone please explain why this is happening?
My system.log continues to log thousands of these firewall commands every day.
Top
Post Reply
  • Print view
2 posts • Page 1 of 1

Return to “General Discussion”



  • Board index
  • All times are UTC
  • Delete all board cookies
  • The team
Powered by phpBB® Forum Software © phpBB Limited
*Original Author: Brad Veryard
*Updated to 3.2 by MannixMD
 

 

Login  •  Register

I forgot my password