Which log saves foreground Info of Gitea Server

Akito · January 13, 2020, 12:10pm

Recently, I experienced frequent most probably automatic “hacking” attempts on my server. I have seen this in the log that Gitea serves live, when the server is running. I tried to find the log file that logs these events to a file, but I did find only other logs in the Gitea log folder. The gitea.log is always weird, because the one from the current day only shows logs from the previous day, none from today (I just checked again and suddenly it shows the logs from today… Though not sure if this will change back, again.). Also the error.log was empty, even though the server always crashes when the hacking attempt is going on for too long.

An example of a part of the attack:

        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 +0x1b0
gitea.com/macaron/inject.(*injector).Invoke(0x673fe50, 0x1266d78, 0x5b84360, 0x0, 0x0, 0x0, 0x0, 0x0)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 +0x130
gitea.com/macaron/macaron.(*Context).run(0x49b9ae0)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 +0x64
gitea.com/macaron/macaron.(*Context).Next(...)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112
gitea.com/macaron/macaron.Recovery.func1(0x49b9ae0, 0x608a3c0)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/recovery.go:161 +0x60
gitea.com/macaron/macaron.LoggerInvoker.Invoke(0x267a364, 0x673fe70, 0x2, 0x2, 0x138dbd8, 0x608a3c0, 0xffffffff, 0x0, 0x
28fe48)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/logger.go:40 +0x64
gitea.com/macaron/inject.(*injector).fastInvoke(0x673fe50, 0x62ffc770, 0x267a364, 0x2b8eeb0, 0x1275550, 0x2, 0x87, 0x4,
0x0, 0x24403a4c, ...)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 +0x1b0
gitea.com/macaron/inject.(*injector).Invoke(0x673fe50, 0x1275550, 0x267a364, 0x12e94, 0x3824bc0, 0x537694, 0x608a3c0, 0x
2)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 +0x130
gitea.com/macaron/macaron.(*Context).run(0x49b9ae0)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 +0x64

net/http.serverHandler.ServeHTTP(0x6cfc870, 0x2b7c7a0, 0x77ee750, 0x241c4600)                                   [0/1836]
        /home/gitea/src/go/src/net/http/server.go:2802 +0x88
net/http.(*conn).serve(0xa27fbc0, 0x2b7e820, 0x92a7260)
        /home/gitea/src/go/src/net/http/server.go:1890 +0x7e0
created by net/http.(*Server).Serve
        /home/gitea/src/go/src/net/http/server.go:2928 +0x2e4

trap    0x0
gitea.com/macaron/macaron.(*Context).run(0x49b9ae0)                                                            [27/1836]
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 +0x64
gitea.com/macaron/macaron.(*Context).Next(...)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112
gitea.com/macaron/macaron.Logger.func1(0x49b9ae0, 0x608a3c0)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/logger.go:52 +0x1c0
gitea.com/macaron/macaron.LoggerInvoker.Invoke(0x267a354, 0x673fe60, 0x2, 0x2, 0x138dbd8, 0x608a3c0, 0x24403cf0, 0x2, 0x
90)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/logger.go:40 +0x64
gitea.com/macaron/inject.(*injector).fastInvoke(0x673fe50, 0x62ffc770, 0x267a354, 0x2b8eeb0, 0x1275550, 0x2, 0x16, 0x13a
4e00, 0x241c4600, 0xc8, ...)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 +0x1b0
gitea.com/macaron/inject.(*injector).Invoke(0x673fe50, 0x1275550, 0x267a354, 0x24078b10, 0x7ca6000, 0x48, 0x77c69c0, 0x4
9b9ae0)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 +0x130
gitea.com/macaron/macaron.(*Context).run(0x49b9ae0)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 +0x64
gitea.com/macaron/macaron.(*Router).Handle.func1(0x2b7c7a0, 0x77ee750, 
0x241c4600, 0x92a76a0)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/router.go:187 +0x1e8
gitea.com/macaron/macaron.(*Router).ServeHTTP(0x608a390, 0x2b7c7a0, 0x77ee750, 0x241c4600)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/router.go:303 +0x160
gitea.com/macaron/macaron.(*Macaron).ServeHTTP(0x6074b00, 0x2b7c7a0, 0x77ee750, 0x241c4600)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/macaron.go:220 +0x10c
github.com/gorilla/context.ClearHandler.func1(0x2b7c7a0, 0x77ee750, 0x241c4600)
        /home/gitea/go/src/code.gitea.io/gitea/vendor/github.com/gorilla/context/context.go:141 +0x78
net/http.HandlerFunc.ServeHTTP(0xa2762a0, 0x2b7c7a0, 0x77ee750, 0x241c4600)
        /home/gitea/src/go/src/net/http/server.go:2007 +0x34
net/http.serverHandler.ServeHTTP(0x6cfc870, 0x2b7c7a0, 0x77ee750, 0x241c4600)
        /home/gitea/src/go/src/net/http/server.go:2802 +0x88
error   0x0
oldmask 0x0
r0      0x0
r1      0x7c7a59b8
r2      0x0
r3      0x8
r4      0x0
r5      0x7c7a59b8
r6      0x7c7a6460
r7      0xaf
r8      0x7c7a5acc
r9      0xe0
r10     0x24027880
fp      0x37f5614
ip      0x20
sp      0x7c7a59b8
lr      0xffffffff
pc      0x76e1745c
cpsr    0x10
fault   0x0

The main thing I want to achieve is block the attackers attacks or block the attacker himself.

buddyspencer · January 17, 2020, 1:05pm

did you checkout this page already?
https://docs.gitea.io/en-us/logging-configuration/