Instance hacked, inserting 100s of posts
-
@robi Could well be - also could be something underlying in their sanitizing. I've had a few instances getting absolutely hammered from Germany on contact forms, mostly getting blocked by recaptcha but ended up being more of a DoS for the resources they threw at it. Could be the same thing, might not be, but I've cut them off early and low in the stack, so logging/etc. is pretty minimal at this point since the firewall is dropping them. FWIW, the contact forms are Caldera - not sure if that's in common or not, but that's a pretty broad attack surface to start from if so.
-
Could it be the admin password got leaked somehow or if you have used it in other sites? https://haveibeenpwned.com/ is a good place to check for this.
-
@robi said in Instance hacked, inserting 100s of posts:
admin account never logged in
Is it then still the default "changeme" password? Even if they never logged in via the GUI, they mostly use the REST API.
-
@imc67 said in Instance hacked, inserting 100s of posts:
@robi said in Instance hacked, inserting 100s of posts:
admin account never logged in
Is it then still the default "changeme" password? Even if they never logged in via the GUI, they mostly use the REST API.
After unblocking the admin account and attempting to log in, that's exactly what happened. How embarrassing.

That tells me the flaw that happened in creating this site.
Thank you!