FlightsForBites.com

Hello! I've been an avid user of the site, it has served me well.
It appears to be down at the moment? Not sure how to contact you outside of this forum.
 
Leyrah said:
Hello! I've been an avid user of the site, it has served me well.
It appears to be down at the moment? Not sure how to contact you outside of this forum.
Click to expand...
Internet outage in my area. I was supposed to WFH today but am now headed into the office after like the sixth drop.
 
I tried adding the Google Maps link for a restaurant at a local airport, but the site didn't like the link I copied from the Google Maps page. It told me that the app only accepts Google Maps links. Well, that's what I offered and it didn't like it. Not a biggy, the restaurant is on the field at KBVS.
 
Flyhound said:
I tried adding the Google Maps link...
Click to expand...
Please post the GM link here. To prevent malicious activity, the app rejects URLs that don't conform to expected patterns.
 
@Flyhound, the app now accepts GM URLs like the one you tried to enter. To validate, I updated Skagit Landing restaurant with the URL that gave you trouble.
 
Since 11/25, every day, many times a day, I see many entries like this in the logs, "[warning] An attempt was made to authenticate the locked user"

Is this just expected scanning or should I be worried? This is new in almost 2 years of hosting the site.
 
Welcome to the hostile interwebs. This is a bot that detected you are running tomcat and is most likely attempting to login using the default username/password, which I believe is tomcat/tomcat.
The user is locked because tomcat detected a brute force attack.

If you're still using the default user ("tomcat") I recommend you disable it asap and use another account for admin.

If you check your access logs, I am sure you'll find other attempts at automated entry such as probing for phpmyadmin, wordpress and other common services.
 
@Leyrah, thanks! I changed the UID/PWD during the original install. The administrator interface is also only accessible from the machine itself which made me think I should be seeing a different log message. The current message, to me, implies someone is already on the machine.
 
Two "Flightsforbites" threads have been merged.

Nauga,
the voice activated git
 
Good job @Mahneuvers. Been using FFB on this latest trip, and it has definitely surpassed fly2lunch in usefulness. F2L seems to be abandoned at this point.

Went through and reviewed/ corrected everything on my local area, as well as a couple we hit on this trip. Thanks again for the resource.
 
Mahneuvers said:
@Leyrah, thanks! I changed the UID/PWD during the original install. The administrator interface is also only accessible from the machine itself which made me think I should be seeing a different log message. The current message, to me, implies someone is already on the machine.
Click to expand...

AI is taking over....

From now on it's Flights for Bytes!
1702176577473.png
 
I've posted the FlightsForBites.com link before on FB. I did so again today in response to a restaurant question from someone flying from FL to NC. Not sure what's different this time, but, site traffic has been crazy today. And so have been the attempts to hack the server, unfortunately.
 
Mahneuvers said:
Since 11/25, every day, many times a day, I see many entries like this in the logs, "[warning] An attempt was made to authenticate the locked user"

Is this just expected scanning or should I be worried? This is new in almost 2 years of hosting the site.
Click to expand...

Old post, sorry for the lagged reply, but this sorta surprises me. Everytime I poke something out into the big bad internet on port 80, it receives 10s of thousands of script kiddie trash daily, from the jump.
 
schmookeeg said:
....it receives 10s of thousands of script kiddie trash daily...
Click to expand...
Oh. Sure. So my pathetic site is only worth dozens of attacks per day compared to your sites :)

Seriously, having never publicly exposed a site before, I really have no idea what to expect. The messages I see in the logs relate to login in attempts on privileged accounts. You cannot login into these accounts unless you're logged into the server itself, so, I'm somewhat surprised to even see these failed login attempts.

You offered earlier about hosting this site for me. I might take you up on that if there's a chance my basic security measures are insufficient.
 
Mahneuvers said:
Oh. Sure. So my pathetic site is only worth dozens of attacks per day compared to your sites :)

Seriously, having never publicly exposed a site before, I really have no idea what to expect. The messages I see in the logs relate to login in attempts on privileged accounts. You cannot login into these accounts unless you're logged into the server itself, so, I'm somewhat surprised to even see these failed login attempts.

You offered earlier about hosting this site for me. I might take you up on that if there's a chance my basic security measures are insufficient.
Click to expand...
:D

I bet your traffic logs have oodles of 404 and 500 errors from attempts to access common control panel urls, backdoors, and known exploits. Mine all do.

Offer stands, even if just to play around, give a shout whenever :)
 
You must log in or register to reply here.
Back
Top