Community Forum
https://forum.vestacp.com/
Same bug :( Updated to latest, all services working, except WEB UIAnimusAstralis wrote: Mon Apr 09, 2018 11:58 am It seems that my CP autoupdated and now I can't access web UI. All services are active. What should I do?
DigitalOcean (and perhaps Vultr and others) have recently blocked the default Vesta port (8083). Follow these steps to change the port (and optionally add IP firewall) and then see if you can access Vesta GUI at the new port: viewtopic.php?f=10&t=16556&start=280#p68935AnimusAstralis wrote: Mon Apr 09, 2018 11:58 am It seems that my CP autoupdated and now I can't access web UI. All services are active. What should I do?
That's easier said than done if you're selling access to your server as a web host would...RevengeFNF wrote: Mon Apr 09, 2018 12:08 pmNever forget to block the port with a whitelist to certain ip's you use.
no thats not working. i got infected while this port was only available to my ip !!or limit access to port 8083 using firewall
i did the same and i got hacked anyway. the port was only available to my ip !!RevengeFNF wrote: Mon Apr 09, 2018 12:08 pm Never forget to block the port with a whitelist to certain ip's you use.
I have port 8083 blocked in iptables and i was not a victim of this exploit.
I can confirm that vultr did not block port 8083.vesta_mtl wrote: Mon Apr 09, 2018 12:09 pmDigitalOcean (and perhaps Vultr and others) have recently blocked the default Vesta port (8083). Follow these steps to change the port (and optionally add IP firewall) and then see if you can access Vesta GUI at the new port: viewtopic.php?f=10&t=16556&start=280#p68935AnimusAstralis wrote: Mon Apr 09, 2018 11:58 am It seems that my CP autoupdated and now I can't access web UI. All services are active. What should I do?
Are you sure? I thought this was all about 8083 being publicly available?kobo1d wrote: Mon Apr 09, 2018 12:13 pmno thats not working. i got infected while this port was only available to my ip !!or limit access to port 8083 using firewall
In those cases, password protect the access to it in nginx or apache configuration, and give the pass to your customer.bruce7890 wrote: Mon Apr 09, 2018 12:11 pmThat's easier said than done if you're selling access to your server as a web host would...RevengeFNF wrote: Mon Apr 09, 2018 12:08 pmNever forget to block the port with a whitelist to certain ip's you use.
