Help with Log Details (WARNING)

Dee · May 26, 2021, 4:07pm

Hello I started getting this after I had to update my github token. not sure but what I can find it is a attack attempt but not sure how to fix it. Need some help and thoughts maybe doing a reverse proxy?
Thank you

Logger: homeassistant.components.http.security_filter
Source: components/http/security_filter.py:50
Integration: HTTP (documentation, issues)
First occurred: 11:31:07 AM (1 occurrences)
Last logged: 11:31:07 AM
Filtered a request with a potential harmful query string: /CFIDE/administrator/enter.cfm?locale=…/…/…/…/…/…/…/lib/password.properties%00en

tom_l · May 26, 2021, 4:29pm

It is an attempted attack.

The best way to prevent it is to only connect to Home Assistant outside your local network via a VPN.

Dee · May 26, 2021, 4:49pm

Thanks for the reply I have some custom alexa skills can I get those to work with a VPN
also this just started after I updated my github tokens

tom_l · May 26, 2021, 5:45pm

Just a coincidence.

Dee · July 22, 2021, 2:57pm

@tom_l
Hey Tom I had turned off port forwarding for a while, my custom Alexa skills would not work, So I looked for some other solutions, I did found Multi-factor Authentication Modules, and enabled it about a week ago. Didn’t think it would help but was hoping. Yesterday I got 2 more warnings so I tuned off port forwarding again. Also was reading up on reverse proxy a lot. Just wondering about your thoughts on reverse proxy. I know you said VPN but then my Alexa skills will not work, (from what I read). I was thinking of using the Home assistant cloud service but I read somewhere some of the sensors can not be read. But it looks like it my be my only solution. What are your thoughts
Thank you

tom_l · July 22, 2021, 11:55pm

I use port forwarding with a dynamic DNS service, a strong password with MFA turned on and just ignore the occasional intrusion attempts.