Page 2 of 24
Re: All VestaCP installations being attacked
Posted: Tue Sep 25, 2018 12:10 pm
by albertus
Hello
Same here. I got 10 servers hacked.
All servers were attacking 144.0.2.180 (China). Last time VestaCP was hit by a zero day it was also discovered thanks to that attack. Too similar.
I'm done with VestaCP. Can't trust it anymore.
Good luck guys
Re: All VestaCP installations being attacked
Posted: Tue Sep 25, 2018 12:11 pm
by ctrlpac
That's seems a CRITICAL issue. I need to identify that.
Please @vestacp team, if you need any help, don't hesitate to contact me!
Re: All VestaCP installations being attacked
Posted: Tue Sep 25, 2018 12:36 pm
by albertus
Don't worry pal. VestaCP developers will take care of it, give them a month.
Re: All VestaCP installations being attacked
Posted: Tue Sep 25, 2018 12:41 pm
by ctrlpac
albertus wrote: ↑Tue Sep 25, 2018 12:36 pm
Don't worry pal. VestaCP developers will take care of it, give them a month.
A month? :x
Re: All VestaCP installations being attacked
Posted: Tue Sep 25, 2018 12:42 pm
by slaapkopamy
I have the same problem,
mine ip address is blocked by ovh during the ddos attack.. :(
So @vestea team please fix the issue right away. and maybe a idea in the firewall to a option all traffic to china disable
Re: All VestaCP installations being attacked
Posted: Tue Sep 25, 2018 12:46 pm
by albertus
ctrlpac wrote: ↑Tue Sep 25, 2018 12:41 pm
albertus wrote: ↑Tue Sep 25, 2018 12:36 pm
Don't worry pal. VestaCP developers will take care of it, give them a month.
A month? :x
How long it took them last time?
Re: All VestaCP installations being attacked
Posted: Tue Sep 25, 2018 1:06 pm
by realjumy
skurudo wrote: ↑Tue Sep 25, 2018 11:39 am
realjumy wrote: ↑Tue Sep 25, 2018 8:03 am
If a developer wants to know more, I still have access to two of the infected servers.
Hello,
if you can provide access to those servers, please do it via
[email protected]
I just sent you an email.
Re: All VestaCP installations being attacked
Posted: Tue Sep 25, 2018 1:07 pm
by slaapkopamy
ctrlpac wrote: ↑Tue Sep 25, 2018 12:48 pm
albertus wrote: ↑Tue Sep 25, 2018 12:46 pm
ctrlpac wrote: ↑Tue Sep 25, 2018 12:41 pm
A month? :x
How long it took them last time?
I do not know.. Really it's strange and weird. Why hasn't VestaCP got a security team or at least a member who knows about security?
why is it even possible to sent a attack from our servers?
Re: All VestaCP installations being attacked
Posted: Tue Sep 25, 2018 1:32 pm
by trom
What I can do right now
1) I reinstall vestaCP
2) Change root password
How block log in on vesta ?
Maybe some firewall rules ?
HELP PLEASE!
Re: All VestaCP installations being attacked
Posted: Tue Sep 25, 2018 1:34 pm
by realjumy
trom wrote: ↑Tue Sep 25, 2018 1:32 pm
What I can do right now
1) I reinstall vestaCP
2) Change root password
How block log in on vesta ?
Maybe some firewall rules ?
HELP PLEASE!
I don't think any of that will work. Just shut down the server temporarily until they find the source of the vulnerability.