search

ellite / Wallos

Wallos: Open-Source Personal Subscription Tracker
GNU General Public License v3.0
2.93k stars 133 forks source link

[docker] Constant GETs, 100% CPU utilization #588

Open glottisfaun0000 opened 7 hours ago

glottisfaun0000 commented 7 hours ago

What is wallos doing?

docker container logs wallos
[25-Oct-2024 17:31:35] NOTICE: [pool www] child 41936 exited with code 0 after 38.111197 seconds from start
[25-Oct-2024 17:31:35] NOTICE: [pool www] child 41950 started
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /index.php" 302
127.0.0.1 -  25/Oct/2024:17:31:35 -0700 "GET /login.php" 302
...

For the second time in the past fews days since starting running wallos, I've looked at ctop when my system seemed slow and saw the wallos container using 100% of my CPU. Where can I start to get more info on what the hell is happening? Are these GETs normal and unrelated to what wallos could possibly be using 100% of my CPU for?

Something else I noticed that could be related is that I had wallos set up in dashy with a status indicator which never seemed to resolve itself green.

ellite commented 2 hours ago

Hi. Is it exposed to the internet? It looks like a login brute force.

Edit: Just noticed the dashy part. That makes sense. Wallos returns a 302 and redirects to login.php Maybe dashy keeps trying and trying. Change it to test directly on the login page and check