Hi, I have new installation of Hass.io. Official docker script on top of Ubuntu on sbc Odroid-xu4. I constantly have this warning:
Login attempt or request with invalid authentication from 54.225.5.202
Login attempt or request with invalid authentication from 3.83.161.95
Login attempt or request with invalid authentication from 3.95.253.223
Login attempt or request with invalid authentication from 34.221.147.72 etc.
it`s from components/http/ban.py
When i have checked those ip it says its amazon technologies, but i dont have any amazon equipment. Does anybody knows why this is happening and how to stop it?
Yes @silvrr i`m agree that this is very irresponsible but, i have read some Your previous posts about securing access and i se that i need to have port 8123 port open, if i close other ports will this service stop attempting to access to my port 8123? Maybe i have misunderstand something…
If you have a port open, expect to see scans and possibly login attempts. It’s open to anyone on the internet.
It’s not clear what you have setup and how your host is “ open to the world” but if you have multiple going to port 8123 your going to get lots of traffic.
A strong password and multi factor authentication are a must.
If your firewall or router allows it setup filtering based on geographic location or restrict to known up addresses.
I have my HASSIO open though the router however I mapped the default port 8123 to another very high number port. I still get the occasional prod but very rarely. I’ve also got a very secure password and use multi factor auth… No SSL yet though I could not get that to work (I don’t want or need DuckDNS) but can’t find an easy to follow SSL tutorial that does not rely on Duck DNS… ;(
Feb 2021 - UPDATE. SSL has been implemented and has been working since Mar 20 without issued.