Re: Help request about Log4j attack attempts and NGINX logs meaning

2021-12-29 Thread Maxim Konovalov
Mauro, Unless you use somewhere in your stack log4j vulnerable software (nginx is not) I don't see anything significant to worry about. Maxim On 29.12.2021 21:34, Mauro Tridici wrote: Hello Maxim, thank you very much for the explanation. In your opinion, is this the case to “fix” this behavi

Re: nginx-1.21.5

2021-12-29 Thread George
Thanks for PCRE2 support! From what I read Nginx 1.21.5 will default to PCRE2 if found or fallback to PCRE if not. You can disable PCRE2 default by passing --without-pcre2 flag - which works fine and ldd $(which nginx) shows libpcre.so.1 => /usr/local/nginx-dep/lib/libpcre.so.1 (0x7f86c744

Re: [EXTERNAL] Help request about Log4j attack attempts and NGINX logs meaning

2021-12-29 Thread Mauro Tridici
Many thanks for sharing with me your experience. In the next days, I will try to apply your know-how to my particular case. The HIDS I installed is still blocking the attack attempts, but I have some doubts about the “best practices” needed for the NGINX “200” answer. Maxim Dounin kindly said tha

Re: [EXTERNAL] Help request about Log4j attack attempts and NGINX logs meaning

2021-12-29 Thread lists
"get" is a html verb also known as method. Most URL requests are gets. https://www.w3schools.com/tags/ref_httpmethods.asp https://nordicapis.com/ultimate-guide-to-all-9-standard-http-methods/ I just know the bare essentials and have web pages that look like the 90's era other than using a lit

Re: Help request about Log4j attack attempts and NGINX logs meaning

2021-12-29 Thread Mauro Tridici
Hello Maxim, thank you very much for the explanation. In your opinion, is this the case to “fix” this behaviour (but I don’t know how, I’m a newbie, sorry) or I should simply ignore it? Many thanks again, Mauro > On 29 Dec 2021, at 19:29, Maxim Dounin wrote: > > Hello! > > On Wed, Dec 29, 20

Re: [EXTERNAL] Help request about Log4j attack attempts and NGINX logs meaning

2021-12-29 Thread Mauro Tridici
Hi Justin, thank you very much for your help. Since I’m a newbie, I would like to ask you additional details in order to “fix” this behaviour (if it should be fixed). What is the meaning of “GET /“? Does It mean that the attacker is trying to GET something from the / path of the server (sorry

Re: Help request about Log4j attack attempts and NGINX logs meaning

2021-12-29 Thread Maxim Dounin
Hello! On Wed, Dec 29, 2021 at 03:55:35PM +0100, Mauro Tridici wrote: > I have an old instance of NGINX (v.1.10.1) running as proxy > server on a dedicated hardware platform. > Since the proxy service is reachable from internet, it is > constantly exposed to cyber attacks. > In my particular ca

Re: [EXTERNAL] Re: Help request about Log4j attack attempts and NGINX logs meaning

2021-12-29 Thread Slaughter, Justin D
Nginx is returning a 200 because the request is a "GET /", and I am assuming your nginx configurations allow GETs to "/". Justin On 29/12/2021, 10:20 AM, "nginx on behalf of Mauro Tridici" wrote: CAUTION: The e-mail below is from an external source. Please exercise caution before openin

Re: Help request about Log4j attack attempts and NGINX logs meaning

2021-12-29 Thread Mauro Tridici
Thank you very much for your reply. I really appreciated it. I’ll wait for the final gurus' feedback too. Mauro > On 29 Dec 2021, at 18:03, lists wrote: > > That IP space is certified shady. I detect the occasional hack from them. See > > https://krebsonsecurity.com/2019/08/the-rise-of-bulletp

Re: Help request about Log4j attack attempts and NGINX logs meaning

2021-12-29 Thread lists
That IP space is certified shady. I detect the occasional hack from them. See  https://krebsonsecurity.com/2019/08/the-rise-of-bulletproof-residential-networks/ and https://wirelessdataspco.org/faq.php These wireless companies will do anything for money including leasing their IP space.  I do

Help request about Log4j attack attempts and NGINX logs meaning

2021-12-29 Thread Mauro Tridici
Dear Users, I have an old instance of NGINX (v.1.10.1) running as proxy server on a dedicated hardware platform. Since the proxy service is reachable from internet, it is constantly exposed to cyber attacks. In my particular case, it is attacked by a lot of Log4j attack attempts from several m