@girish Thanks. I'll take this up with Vultr.
Latest posts made by dfoy
Network security issue: Portmapper servers
I continue to get the following alert from my ISP (Vultr.com, where shared servers are called "instances")
Recent network security audits have detected some issues on your instances. Please review the following reports and help us to ensure the security of our network:
== Portmapper servers ==
Portmapper is a service usually used with NFS. When this is not properly firewalled, it can be abused to conduct DDOS attacks. We recommend that all portmapper services be behind a firewall, and restricted to only IPs that need to contact them.
For Linux machines, please add firewall rules to block port 111 on both UDP and TCP:
iptables -I INPUT 1 -m tcp -p tcp --dport 111 -j DROP
iptables -I INPUT 1 -m udp -p udp --dport 111 -j DROP
Please see https://blog.cloudflare.com/reflections-on-reflections/ for more information on reflection attacks.
The following IPs have been detected running open portmapper servers:
[my cloudron IP was shown here]
If you believe these reports to be false positives, please let us know.
[end of quote]
How should I address this?
RE: Reboot question
It didn't work. The backup from 9 this morning has been restored, but the Cloudron install still refuses to boot.
I'm now going to have to install a fresh Cloudron and painstakingly re-install everything (losing all my email records in the process. It will probably entail a complete re-working of all my Cloudflare settings.
Surely this isn't normal.
RE: Reboot question
I'm now restoring the Vultr backup taken this morning at 9 am. I was never able to get my Cloudron installation to run following the reboot -- all it did was show me the red bar with the "Cloudron is rebooting" message, even though when I used the Vultr instance console it was obvious that Ubuntu had completed the reboot and was ready.
This is the third time I've had to do this. What am I doing wrong?
Is it possible to give PHP apps precedence over HTML pages?
I have limited experience setting up LAMP, and what I know I learned from DigitalOcean tutorials.
One of their tutorials includes this on editing the DirectoryIndex directive in mods-enabled/dir.conf:
DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
By moving "index.php" to the first position in the DirectoryIndex directive, I can cause index.PHP to run as the default rather than index.HTML.
I realize I can just remove index.HTML if I want index.PHP to be the file that runs, but I wonder, is it possible for me to edit a DirectoryIndex directive somewhere, as per the tutorial?
That would let me keep an index.HTML file on the site as a fallback in case PHP failed (unlikely, but surely possible).