High CPU usage & service abuse

doodlemania2

@robi yikes! good luck sir

robi

impressive. no wonder backup failed.

-rw-r--r-- 1 root root 237376357024 Jan  1 22:23 querylog.json

human readable:

-rw-r--r-- 1 root root 222G Jan  1 22:23 querylog.json

imc67

@robi it's a serious issue you have (think of IP reputation!) but it was also mentioned before:

https://forum.cloudron.io/topic/3840/adguard-on-upcoming-cloudron-v6-ddos-reflection-amplification

And it's in the docs:

https://docs.cloudron.io/apps/adguard-home/#securing-installation

I think DDNS doesn't work because you have to add an IP in AdGuard, I have the same issue with my home connection, that's why I don't use AdGuard in my personal Cloudron. I run Pi-Hole in my home network on a Raspberry Pi.

girish

@robi Can you check what is taking so much space? Is this log files?

doodlemania2

@girish yeah, the querylog was 222gigs eeeeek!

A Former User

@robi Does your VPS provider not let you block port 53? Or do you need it to be accessible externally?

A Former User

@atrilahiji I might be wrong about this but I think port 53 needs to be used to resolve DNS, and since @robi mentioned that he installed it on a business VPS it has to be publicly accessible for it to function. If it were a homelab would this be less of an issue?

robi

@thpuffin @atrilahiji it would not be an issue because of NAT at home.

girish

@doodlemania2 I decreased the query log retention from 90 days to 7 days as the default. But depending on the use case, it can be disabled altogether in the settings file.

robi

@doodlemania2
Thanks to rclone I uploaded all 222GB to my Google Drive in less then a couple hours. (didn't time it, but expected it to be much longer.)

VPS is on a 200mbit line last time I checked, so could be under an hour.
If only we had network graph stats.