Recently, I experienced frequent most probably automatic “hacking” attempts on my server. I have seen this in the log that Gitea serves live, when the server is running. I tried to find the log file that logs these events to a file, but I did find only other logs in the Gitea log folder. The gitea.log
is always weird, because the one from the current day only shows logs from the previous day, none from today (I just checked again and suddenly it shows the logs from today… Though not sure if this will change back, again.). Also the error.log
was empty, even though the server always crashes when the hacking attempt is going on for too long.
An example of a part of the attack:
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 +0x1b0
gitea.com/macaron/inject.(*injector).Invoke(0x673fe50, 0x1266d78, 0x5b84360, 0x0, 0x0, 0x0, 0x0, 0x0)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 +0x130
gitea.com/macaron/macaron.(*Context).run(0x49b9ae0)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 +0x64
gitea.com/macaron/macaron.(*Context).Next(...)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112
gitea.com/macaron/macaron.Recovery.func1(0x49b9ae0, 0x608a3c0)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/recovery.go:161 +0x60
gitea.com/macaron/macaron.LoggerInvoker.Invoke(0x267a364, 0x673fe70, 0x2, 0x2, 0x138dbd8, 0x608a3c0, 0xffffffff, 0x0, 0x
28fe48)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/logger.go:40 +0x64
gitea.com/macaron/inject.(*injector).fastInvoke(0x673fe50, 0x62ffc770, 0x267a364, 0x2b8eeb0, 0x1275550, 0x2, 0x87, 0x4,
0x0, 0x24403a4c, ...)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 +0x1b0
gitea.com/macaron/inject.(*injector).Invoke(0x673fe50, 0x1275550, 0x267a364, 0x12e94, 0x3824bc0, 0x537694, 0x608a3c0, 0x
2)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 +0x130
gitea.com/macaron/macaron.(*Context).run(0x49b9ae0)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 +0x64
net/http.serverHandler.ServeHTTP(0x6cfc870, 0x2b7c7a0, 0x77ee750, 0x241c4600) [0/1836]
/home/gitea/src/go/src/net/http/server.go:2802 +0x88
net/http.(*conn).serve(0xa27fbc0, 0x2b7e820, 0x92a7260)
/home/gitea/src/go/src/net/http/server.go:1890 +0x7e0
created by net/http.(*Server).Serve
/home/gitea/src/go/src/net/http/server.go:2928 +0x2e4
trap 0x0
gitea.com/macaron/macaron.(*Context).run(0x49b9ae0) [27/1836]
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 +0x64
gitea.com/macaron/macaron.(*Context).Next(...)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112
gitea.com/macaron/macaron.Logger.func1(0x49b9ae0, 0x608a3c0)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/logger.go:52 +0x1c0
gitea.com/macaron/macaron.LoggerInvoker.Invoke(0x267a354, 0x673fe60, 0x2, 0x2, 0x138dbd8, 0x608a3c0, 0x24403cf0, 0x2, 0x
90)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/logger.go:40 +0x64
gitea.com/macaron/inject.(*injector).fastInvoke(0x673fe50, 0x62ffc770, 0x267a354, 0x2b8eeb0, 0x1275550, 0x2, 0x16, 0x13a
4e00, 0x241c4600, 0xc8, ...)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 +0x1b0
gitea.com/macaron/inject.(*injector).Invoke(0x673fe50, 0x1275550, 0x267a354, 0x24078b10, 0x7ca6000, 0x48, 0x77c69c0, 0x4
9b9ae0)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 +0x130
gitea.com/macaron/macaron.(*Context).run(0x49b9ae0)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 +0x64
gitea.com/macaron/macaron.(*Router).Handle.func1(0x2b7c7a0, 0x77ee750,
0x241c4600, 0x92a76a0)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/router.go:187 +0x1e8
gitea.com/macaron/macaron.(*Router).ServeHTTP(0x608a390, 0x2b7c7a0, 0x77ee750, 0x241c4600)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/router.go:303 +0x160
gitea.com/macaron/macaron.(*Macaron).ServeHTTP(0x6074b00, 0x2b7c7a0, 0x77ee750, 0x241c4600)
/home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/macaron.go:220 +0x10c
github.com/gorilla/context.ClearHandler.func1(0x2b7c7a0, 0x77ee750, 0x241c4600)
/home/gitea/go/src/code.gitea.io/gitea/vendor/github.com/gorilla/context/context.go:141 +0x78
net/http.HandlerFunc.ServeHTTP(0xa2762a0, 0x2b7c7a0, 0x77ee750, 0x241c4600)
/home/gitea/src/go/src/net/http/server.go:2007 +0x34
net/http.serverHandler.ServeHTTP(0x6cfc870, 0x2b7c7a0, 0x77ee750, 0x241c4600)
/home/gitea/src/go/src/net/http/server.go:2802 +0x88
error 0x0
oldmask 0x0
r0 0x0
r1 0x7c7a59b8
r2 0x0
r3 0x8
r4 0x0
r5 0x7c7a59b8
r6 0x7c7a6460
r7 0xaf
r8 0x7c7a5acc
r9 0xe0
r10 0x24027880
fp 0x37f5614
ip 0x20
sp 0x7c7a59b8
lr 0xffffffff
pc 0x76e1745c
cpsr 0x10
fault 0x0
The main thing I want to achieve is block the attackers attacks or block the attacker himself.