Hacking attacks with and through aaPanel

Ggacott · Jul 18, 2020

CQT Great info, this is what I was getting at and thought something like this was going on. IMO, if we (as a community) want to see this become a successful panel, we need to disengage this from bt. Also, yeah I think this very well may be how they are getting in.

CQT the user who creates here via the db: INSERT INTO users (id, username,password, login_ip,login_time, phone,email) VALUES
(1, 'admin', '21232f297a57a5a743894a0e4a801fc3', '192.168.0.10', '2016-12-10 15:12:56', 0, '[287962566@qq.com](mailto:287962566@qq.com)');

Wwaikey · Jul 18, 2020

still waiting for response! I have use aapanel on several VPS and everything is OK! Aso I use the Chinese Version BT Panel. ..

Baidu is NO1 SE company in China so I think someone is using their IP as bridge to attacke

or maybe it's Baidu's spider ? try to ban the Baidu's spider in the robots.txt

Ggacott · Jul 18, 2020

waikey It would be a SUPER aggressive spider. Blocking in robots.txt will do nothing, these are attacks on ports.

CCQT · Jul 19, 2020

waikey We don't want to come to China and data protection now, it doesn't matter which company comes from. China has never been a country that values data protection. That's why I don't put everyone under general suspicion, but I trust state-owned companies like my ex-wife. Not directly related to aaPanel, but to NO1 SE. Everyone knows that everything and that is spied on and I also know a little bit about the politics of China. According to this sentence, I would be a dead man in China.

Aaapanel_user · Jul 19, 2020

gacott you can fork the panel and do whatever you want. What's the problem?

Ggacott · Jul 19, 2020

aapanel_user WTF are you talking about? I'm trying to help make a better panel, HERE! Why are you talking about forking it? Is there something wrong about contributing to this project? Do I have to fork and start my own to contribute?

TheWormsUnited · Jul 20, 2020

CQT you clearly dont know what you are talking about. I lived and visit China several times per year so your affirmations are not accurate at all. I am sorry thats not correct.

China offers several business and services, we cannot state and talk about politics on a webhosting control panel forum, makes no sense at all. Let's keep it to the topic.

CCQT · Jul 20, 2020

TheWormsUnited you're right politics has no business here. I will hold back in this regard in the future.
We all want the same thing, that aaPanel gets better and spreads more

aaPanel_Jose · Jul 21, 2020

Currently aaPanel is gradually getting rid of its dependence on bt.cn, but it will take time

KKrzysztofMaciejewski · Jul 21, 2020

aaPanel_Jose i like this

CCQT · Jul 21, 2020

aaPanel_Jose Glad to hear that we are currently merging the firewall and Fail2ban so that there is only one tab left.

Aangelboy · Sep 2, 2020

With good reason I also have attack problems in some VPS, I suspected it and changed the panel, How good that they separate from bt.cn.

Ccib3r · Jan 3, 2021

Dear all . I am a new user to private VPS and found aaPanel to install. I came across this thread by CQT who posts some very valid points. Now I am happy with the service of aaPanel. BUT.... I had to block the whole of China IP due to massive attacks on ssh port 22 ( f2ban was reporting 50,000+ attempts in 48hrs)

Basically has the link to a new install of aaPanel opening up your server IP address being 'smeared' hence attacked been proved or not?

Do I just accept this is the 'game' of server admin ... this is a 2nd hand IP address and is now exposed anyway.

CQT / gacott did u continue with aaPanel ?

Sswsemnto · Feb 9, 2021

@cib3r can you tell us what setting you put on your f2ban?

thank you

Aadk · Feb 13, 2021

CQT
106.12.0.0 - 106.13.255.255 this seems to be China's search engine Baidu crawler robot.

Sswsemnto · Feb 14, 2021

my fail2ban log
anti-cc
screenshot1
ssh
screenshot2

Ddeewinc · Jul 27, 2021

cib3r BUT.... I had to block the whole of China IP due to massive attacks on ssh port 22 ( f2ban was reporting 50,000+ attempts in 48hrs)

I don't think this is a problem of aaPanel or because aaPanel is made in China. I have CyberPanel and attacks coming from China are usually massive. Change the SSH port to something else. This helped to block out the server-side attacks to zero.

CyberPanel also supports CSF and that's so robust and keeps website safe.

VVereato · Jul 27, 2021

Yes my aapanel username and password was changed
and the web scripts i have hosted was stolen from my ubuntu
and i remote the connections where came from and from china

same network as aapanel

wireshark is the best network app for track any hacking

aapanel its free open source what do you expect about this nothing in this world its free without any
trade

if was a paid software they will have more security and not hacking but its free and open source
we do not know what is behind

track your PCS using wireshark

aapanel they are controlling your server and still what you have hosted

aaPanel_Captain · Jul 28, 2021

Vereato Our code is open source, you can review the code at any time

VVereato · Jul 28, 2021

aaPanel_Captain

as your software its open source so give me the full source code to install as my own
and not install from your servers

installing from url links and from your server i do not know what comes inside my server
my aapanel was changed my username and password was changed and
i was stoped to add more websites i just have 5 websites running and to add more gived me errors
my username and password was changed and i m just the only person on here who has access to the aapanel

no one else

i trace using wireshark and you are remote controlled to aapanel servers you guys are still people information and stilling people websites and information as credit card and have access to databases