Results 1 to 2 of 2

Thread: Information about Nextcloud only

  1. #1
    Join Date
    Oct 2009
    Beans
    353

    Information about Nextcloud only

    Thought a few might be interested in this. https://soylentnews.org/article.pl?s...40201&from=rss Ramsomware for nextcloud servers.

  2. #2
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: Information about Nextcloud only

    A better known publisher:
    https://www.bleepingcomputer.com/new...linux-servers/
    We've been looking into the reports on the forum and source of the virus. We are confident that the attack vector was the nginx+php-fpm security issue that hit the web some time ago.
    Daily, versioned, "pulled", backups fix any malware issue, provided someone sees the problem before the versioned backups expire.
    Another solution is to use read-only NFS mounts for most files inside nextcloud.
    Setup a reverse proxy that can filter bad/bogus requests - like base64 encoded data.
    Only allow access to nextcloud over a VPN or ssh-based SOCKS proxy.
    Of course, staying patched is critical.

    I've been running nextcloud for a few years now and employ each of those techniques. The VPN required alone should be sufficient for most nextcloud deployments. We require VPN to access email too.
    Last edited by TheFu; 2 Weeks Ago at 08:38 PM.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •