Cloudron Forum

@girish Yeah, I'm thinking the same thing. ubuntu is a sudo user, and if the default password Vultr was using was exploited, then I'd have to be looking or processes run by anything. I'll migrate. Thanks again.

FWIW, I just upgraded from Ubuntu 18 this evening. Cloudron's documentation from going from 18 to 20 was quite helpful, re: a collectd edit that I never would have thought to make, plus the specific MySQL Server migration rules. Everything went smoothly, but without the documentation, it wouldn't have. So kudos to the team.

I am still confused why they demand an answer from you, if your website is getting abused...

@girish yep will give it a try. What about the networking graphs, or even the stacked ones? Is that a realistic feature to ask for?

@girish said in Abuse report received: I found very similar reports in other server forums interesting, thank you also not sure what to make of it !

aw, thanks. i will attempt to use wordpress managed, as long as the export thing will work.

Thank you @nebulon

tl;dr - If you have the above problem apt install python3-magic . Then, run apt update . On another server, unattended-upgrades package was missing as well (!) Not sure how because Cloudron installs it at install time. So, install it and run unattended-upgrade -d.

@timconsidine I totally agree! Cloudflare is like a single throttle point on almost all the internet. It would be interesting to see what would happen if, for some reason, Cloudflare "went evil" (if it already isn't!). I wonder how much of the internet would work. It is kind of like a gangster "protection racket"...

@LoudLemur I use cryptomator to encrypt sensitive files that I have on my nextcloud. Your use case is a bit trickier as you have multiple people working on the same file simultaneously. Take a look at the existing apps in the App Store like collabora, onlyoffice, and cryptpad. Cryptpad might be your best option though as it’s end to end encrypted. Edit: There’s also baserow and noco. I’m not sure if the databases are encrypted.

@andreasdueren I'd be cautious about implementing it then. Cloudron hardens your server enough - doing more by installing more software, which is NOT recommended, will only lead to problems, especially if you don't already have a deep enough understanding of what is happening. It seems to be that @BrutalBirdie's gang knows their stuff (they're using Ansible to install Cloudron??? Yeah, that is next level coding there). Of course, they may also be paying for the Enterprise level of service (I'm not asking btw, no need to respond to that @BrutalBirdie ) so if they have hassles then I suppose it's fine for them to get help beyond typical Cloudron support, especially if they are doing more to their servers than what Cloudron themselves advise.

Also stumbled on this one last week: https://web-check.xyz/ Selfhosted: https://github.com/Lissy93/web-check And a little explanation on how this works: https://www.helpnetsecurity.com/2024/02/26/web-check-website-open-source-intelligence/

@nebulon Thank you, I will investigate today and let you know.

I use vaultwarden for business related secrets or where customer data come into play. For my private stuff I still use Chrome sync but also want to switch to vaultwarden. What came to my mind: By January, a lot of people will (hopefully) switch from Chromium sourced browsers to Firefox because of the manifest v3 implementation. Because I don't want to trust Mozilla nor Google, I tinker with the thought to host my own FFsync (Firefox Sync) server to be more independend with my "cloud" hosted data. Had to think about the risks because hosting something like vaultwarden might be safe but I was unsure if FFsync gets the same care.

This is fixed for next release with https://git.cloudron.io/cloudron/box/-/commit/3477cf474f32a51c62aef65015e615db62bca4f7 For the other feature request about domains, please make a separate thread there, but I can already say that Cloudron is still designed to work for a setup of one Cloudron per organization and not many maintaining isolated organizations on one Cloudron. This will add all kinds of complexities for the 99% use-cases Cloudron is currently used for.

@girish It sure did. I thought it was a simple matter of brute forcing 16 characters. I’m glad that’s not the case. Thanks for the clarification!

@nebulon thanks! I'm not getting my hopes up too far, but hopefully this will somehow also resolve all the issues that loads of the official plugins have when trying to install them on Cloudron...