Closed VeniVidiVici9 closed 4 years ago
And these addresses are often connected by default in the background.
183.192.179.16 182.254.52.17 14.18.182.223 61.241.50.63 101.89.19.140 113.96.198.54 59.36.132.240 14.215.156.146
Why open again such issue. Gitea itself will not connect to any services except what you have configured. So either user avatar federation, git mirroring, webhooks you or your users have configured or external authorizations services you have enabled. Please stop spamming Gitea issues, posting these IP addresses are useless.
Do you have ENABLE_FEDERATED_AVATAR=True
in your custom/conf/app.ini ? I suspect that this is from the libravatar service. I assume that these internal requests are related to accesses to Gitea - in particular the Avatars.
In terms of adding screenshots - that's Github - you should take a look at their pages.
Logs you have shown is that not gitea service is connecting to these IP addresses but someone from that IP address is opening login form (not even trying to login as otherwise there would be POST request). These could be just random Chinese network scanners
Why does gitea silently connect to some IP addresses on the network like a Trojan in the background? can the author explain this situation?
I also encountered a situation similar to illegal login, I don’t know if this is an illegal login, but there are information such as "/user/login" and "/user/login 200 OK" in the log. Is this an illegal login? This let people feel uneasy. can the author explain this situation?
it's always like this at 5 o'clock every morning, and my firewall keeps alarming. 182.254.52.17 / 61.241.50.63 / 14.18.182.223 is not my IP address. What do these IP address use to do? It always connect these addresses silently in the background.
such as belowing log:
I use a docker container, not a binary file, and the version number is: 1.12.0 + dev-69-g972b3bf3b. image checksum is sha256:c4a654eb05c032eac9ee57de853c725de6169f93f0a45ccd506c7bf4bed03fe5
I have compared the information in the build log. The checksum is the same on the Docker Hub official website server.
Docker Hub official website server address is https://hub.docker.com, Checksum on Docker Hub official website server is: gitea/gitea:latest Digest:sha256:c4a654eb05c032eac9ee57de853c725de6169f93f0a45ccd506c7bf4bed03fe5 OS/ARCH linux/arm64/v8 Size 48.2 MB Last pushed 12 hours ago by giteabot
the following is my build image log:
By the way, how to upload screenshots in these Issues, I can’t upload the screenshots, and the description is not as vivid and real as the screenshot.