Any plans for auto update ?

[mmabas77]

No description provided.

[netzencatura]

I am definitely in favour of introducing this feature!

[AhmedNSane]

If you're worried about more pre-auth RCE vulnerabilities in the future, just block ports 7080+8090 (assuming you're using the default ones) for all except a specific fixed IP. After 2 of my clients' VPS got infected with that pesky cryptominer (kinsing, kdevtmpfsi, lib_system.so), I decided I wasn't gonna take any chances with these fofa.info-loving script kiddies anymore. I set up a cron for pinging a specific subdomain that points to my dynamic/public IP, so now I only have to worry about occasional WordPress vulnerabilities. Best of luck! 🫡

[Orgoth]

If you're worried about more pre-auth RCE vulnerabilities in the future, just block ports 7080+8090 (assuming you're using the default ones) for all except a specific fixed IP. After 2 of my clients' VPS got infected with that pesky cryptominer (kinsing, kdevtmpfsi, lib_system.so), I decided I wasn't gonna take any chances with these fofa.info-loving script kiddies anymore. I set up a cron for pinging a specific subdomain that points to my dynamic/public IP, so now I only have to worry about occasional WordPress vulnerabilities. Best of luck! 🫡

Can help but, If you have users without a static ip, which need access to this panel, this is not a good solution to simply block the ports. And not every user is able and willing to configure a dyndns to have a static ip or adress.
In any other case, yes, blocking these ports is a solution.

[mmabas77]

What about a subdomain with a proxy forwarding the request to 127.0.0.1:8090/7080 then blocking the ports and add cloudflare ?

If you're worried about more pre-auth RCE vulnerabilities in the future, just block ports 7080+8090 (assuming you're using the default ones) for all except a specific fixed IP. After 2 of my clients' VPS got infected with that pesky cryptominer (kinsing, kdevtmpfsi, lib_system.so), I decided I wasn't gonna take any chances with these fofa.info-loving script kiddies anymore. I set up a cron for pinging a specific subdomain that points to my dynamic/public IP, so now I only have to worry about occasional WordPress vulnerabilities. Best of luck! 🫡

Can help but, If you have users without a static ip, which need access to this panel, this is not a good solution to simply block the ports. And not every user is able and willing to configure a dyndns to have a static ip or adress. In any other case, yes, blocking these ports is a solution.

[r7avi]

all my clients who had default 8090 panel access got infected , but random port didn't .

[Orgoth]

A possible solution could be a vpn or an ssh tunnel.
The users already have a sftp/ssh user to access the server.

• Therefore, a ssh-tunnel would be the logical solution.
• One drawback, you have to register/create an account for them.

Then you can restrict the access of 8090 and 7080 to localhost.
Cloudflare is not needed, since it is only available from localhost and not from the outside.
In some Cases Cloudflare can be an issue in regard to GDPR and them transferring data through Taiwan, Chinese and other countries.

all my clients who had default 8090 panel access got infected , but random port didn't .

This is also an option, since the most scripts only scan the default ports.
We always change the default ports for SSH to a custom port to reduce ssh bf and other attacks.