Hacking attacks with and through aaPanel

gacott you can fork the panel and do whatever you want. What's the problem?

aapanel_user WTF are you talking about? I'm trying to help make a better panel, HERE! Why are you talking about forking it? Is there something wrong about contributing to this project? Do I have to fork and start my own to contribute?

CQT you clearly dont know what you are talking about. I lived and visit China several times per year so your affirmations are not accurate at all. I am sorry thats not correct.

China offers several business and services, we cannot state and talk about politics on a webhosting control panel forum, makes no sense at all. Let's keep it to the topic.

aaPanel_Jose i like this

With good reason I also have attack problems in some VPS, I suspected it and changed the panel, How good that they separate from bt.cn.

Dear all . I am a new user to private VPS and found aaPanel to install. I came across this thread by CQT who posts some very valid points. Now I am happy with the service of aaPanel. BUT.... I had to block the whole of China IP due to massive attacks on ssh port 22 ( f2ban was reporting 50,000+ attempts in 48hrs)

Basically has the link to a new install of aaPanel opening up your server IP address being 'smeared' hence attacked been proved or not?

Do I just accept this is the 'game' of server admin ... this is a 2nd hand IP address and is now exposed anyway.

CQT / gacott did u continue with aaPanel ?

@cib3r can you tell us what setting you put on your f2ban?

thank you

cib3r BUT.... I had to block the whole of China IP due to massive attacks on ssh port 22 ( f2ban was reporting 50,000+ attempts in 48hrs)

I don't think this is a problem of aaPanel or because aaPanel is made in China. I have CyberPanel and attacks coming from China are usually massive. Change the SSH port to something else. This helped to block out the server-side attacks to zero.

CyberPanel also supports CSF and that's so robust and keeps website safe.

Yes my aapanel username and password was changed
and the web scripts i have hosted was stolen from my ubuntu
and i remote the connections where came from and from china

same network as aapanel

wireshark is the best network app for track any hacking

aapanel its free open source what do you expect about this nothing in this world its free without any
trade

if was a paid software they will have more security and not hacking but its free and open source
we do not know what is behind

track your PCS using wireshark

aapanel they are controlling your server and still what you have hosted

Vereato Our code is open source, you can review the code at any time

aaPanel_Captain

as your software its open source so give me the full source code to install as my own
and not install from your servers

installing from url links and from your server i do not know what comes inside my server
my aapanel was changed my username and password was changed and
i was stoped to add more websites i just have 5 websites running and to add more gived me errors
my username and password was changed and i m just the only person on here who has access to the aapanel

no one else

i trace using wireshark and you are remote controlled to aapanel servers you guys are still people information and stilling people websites and information as credit card and have access to databases

Vereato

i will contact interpol police and net police for investigation

good luck

I'll just leave it here

Vereato i always use the same credentials for all my PCs its the same password and username

Hello, I am new to aaPanel. I came to this panel because I was looking at a free solution, alternative to cpanel/plesk and after using webmin/virtualmin, cyber panel, centos web admin, I had to find something more stable. I immediately loved aaPanel. But then, I faced the same problems as discussed in this thread. Many friends of mine who are pentesters faced the same issues even though they have not used aaPanel. Though I confirm that after minutes of fresh installations I got massively attacked by China, USA and Russian and some European IPs. I can see that still the problem discussed here hasn't been solved, to the point that somehow our server IPs are leaked or scraped. Below I will explain the solution I followed and solved my problems. 1- I changed the default ports. 2- I changed the admin URI of my website software and created firewall rules to drop connections on the default admin URI. 3- I DID NOT enable Postfix on the webserver, let the experts deal with it. I use Zoho Mail for all my customers and never have to deal with excessive server load cause of postfix, or mail deliverability or sent messages going to customer's spam folder. 4- Enabled Cloudflare and applied the same firewall rules as on my server's firewall. 5- Now except from the usual users (₁₀₀ customers online), I see on my logs some (limited no) of the attack bots are just browsing the website and aaPanel's load is 1-5% and cpu load 0.5-3%.