Login attempt or request with invalid authentication from (ip address)

ScottSuine · December 10, 2017, 11:43am

Hi,
I recently moved to expose my HA through Let’s encrypt and duckdns. I also just setup Google Home Assistant component and have it working well.
However, I have noticed a number of entries in my log file
[homeassistant.components.http.ban] Login attempt or request with invalid authentication from XXX.XXX.XXX.XXX
where XXX is my routers internal IP address

I added a ban_ip entry under Http: in Config.yaml, but when this is activated i can’t login in to HA through a browser on my home network using my https address.
So i figure these login attempts are coming from inside my network. How can I stop them being logged and the warning panel coming up on the HA web interface.
I am running 0.59.2

thanks
Scott

Tinkerer · December 10, 2017, 11:46am

The answer is to find what’s causing them, and stop it.

Something, somewhere on your network, is attempting to connect to your HTTPS address without authentication. Have you got any software running service scans (eg nmap with a banner scan)?

ScottSuine · December 11, 2017, 8:01am

I worked out the issue. I had installed the AppDaemon through hassio package manager. killed that and the log file settled down. I Think i need ot read into AppDaemon a little more

thanks