New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
@ajones WHY YOU DO THIS!?"?
@CVPS_Chris WHY YOU NO LISTEN TO OUR ADVICE?!?!?3!?
And the world wasn't supposed to end for another 6 or 7 weeks
Oh dear.
@liamwithers - we got the ChicagoVPS email as well. Checking out what's happening now.
Any clients data in question? Node compromised?
Solusvm brute force protection doesn't cover API? I'm not going to pull a WHT and say "lol you're bad at security" ...that could've been any of us if that's true. Pretty sure LFD isn't going to catch that. Disconnecting API now until I hear more about this, like why its accepting API from a non-specified IP. And I'm just assuming that's the API key we're talking about.
But you cannot decrease something which is infinite. Just sayin'
You also cannot increase something that's infinite. Just saying.
@jarland Our SolusVM installation works only over our internal network.
@ajones you can check the q3 poll winners for good hosts.
So how do clients access it?
>
@miTgiB VPN access?
Guessing he means the admin API for billing software. I assumed that was what they were referring to by being compromised by brute force on API, or perhaps I'm absolutely clueless about some huge security flaw in another part of SolusVM?
@miTgiB Clients can access is over the web but API calls from WHMCS are routed trough our internal network. Nodes are linked to the master via our internal network as well.
Arn't SVM API keys whitelisted to specific IPs?
@SimpleNode mine is to a single internal IP.
Yes.. or should be