Just got a notification that there was a failed login attempt from 45.56.90.98. Resolves to scan-01.lo-sec.online. I know this isn’t necessarily a HA-specific question, but does anyone know what that is? Someone probably scanning for listening ports and trying a default password? How can I tell exactly how many attempts they made?
Somebody was trying to login in your installation. To get the details about the login attempts browse to your log file.
Consider to start using login_attempts_threshold
which help you to prevent brute-force attacks on your installation.
My guess is that your hit is related to a tweet:
Several people have had this happen during the last few hours, me too.
1 Like