RE: Network security issue: Portmapper servers

@girish Thanks. I'll take this up with Vultr.
David Foy

I continue to get the following alert from my ISP (Vultr.com, where shared servers are called "instances")
[begin quote]
...
Recent network security audits have detected some issues on your instances. Please review the following reports and help us to ensure the security of our network:
== Portmapper servers ==
Portmapper is a service usually used with NFS. When this is not properly firewalled, it can be abused to conduct DDOS attacks. We recommend that all portmapper services be behind a firewall, and restricted to only IPs that need to contact them.
For Linux machines, please add firewall rules to block port 111 on both UDP and TCP:

iptables -I INPUT 1 -m tcp -p tcp --dport 111 -j DROP
iptables -I INPUT 1 -m udp -p udp --dport 111 -j DROP

Please see https://blog.cloudflare.com/reflections-on-reflections/ for more information on reflection attacks.

The following IPs have been detected running open portmapper servers:
[my cloudron IP was shown here]
If you believe these reports to be false positives, please let us know.

[end of quote]

How should I address this?

@nebulon Thanks. If I keep having this issue I'll start troubleshooting as you suggest, and will probably try to get the Vultr support people involved as well.

@girish Thank you. I'll save these comments for the next reboot. Is it possible that there is some wrinkle in the way Vultr provisions the instance? If so I want to alert them to it.

Update: a repeat of a restore of a backup has it running again. Just a day's worth of emails gone.
How can I reboot in the future without all this agony? Only from a terminal? I'm never going to use the on-screen "reboot now" button again.

It didn't work. The backup from 9 this morning has been restored, but the Cloudron install still refuses to boot.
I'm now going to have to install a fresh Cloudron and painstakingly re-install everything (losing all my email records in the process. It will probably entail a complete re-working of all my Cloudflare settings.

Surely this isn't normal.

I'm now restoring the Vultr backup taken this morning at 9 am. I was never able to get my Cloudron installation to run following the reboot -- all it did was show me the red bar with the "Cloudron is rebooting" message, even though when I used the Vultr instance console it was obvious that Ubuntu had completed the reboot and was ready.
This is the third time I've had to do this. What am I doing wrong?

How long should a reboot take? I have had to restore from backups twice now after experiencing what seems to be an endless reboot that appears to never finish.
It seems to be happening again (9/28/2021).
Am I just being impatient?

@girish Thanks!

I have limited experience setting up LAMP, and what I know I learned from DigitalOcean tutorials.
One of their tutorials includes this on editing the DirectoryIndex directive in mods-enabled/dir.conf:

/etc/apache2/mods-enabled/dir.conf
<IfModule mod_dir.c>
DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
</IfModule>

By moving "index.php" to the first position in the DirectoryIndex directive, I can cause index.PHP to run as the default rather than index.HTML.

I realize I can just remove index.HTML if I want index.PHP to be the file that runs, but I wonder, is it possible for me to edit a DirectoryIndex directive somewhere, as per the tutorial?

That would let me keep an index.HTML file on the site as a fallback in case PHP failed (unlikely, but surely possible).

@girish Thanks -- I discovered this, finally. Don't know why I didn't see it immediately.

I was unable to get my Vultr one-click Cloudron to do anything, so I created another, assuming I had misconfigured something. Now when I try to use the second one, I am unable to register in the app store because "an account by that name already exists" which seems strange. I know it exists, and I'm trying to log into it. Not sure why I can't log into an account that exists because the account exists.
But since it doesn't work, my guess is instead of allowing me to re-install with an existing account, you are requiring me to have a new account, so now I apparently have two somewhere down in the bowels of your software.
Can you please merge them so I can get to work on trying to set up Cloudron on a Vultr server?