oktonoid
Brute force attack
Hi, I've had some sort of brute force attack on my back end server, ~5000 attempts within 10min, Get and Post requests trying various api end points e.g. /api/v4/users/9, /xmlrpc.php, /adminer.php, /api/api/schema, ... all from the same ip
Three questions:
a) Is there a place this should be reported to and
b) Is there a way to find out if an end point was hit successfully?
c) Do you have any recommendations or is there functionality within railway to guard against / block these sorts of attacks?
Thanks!
8 replies
Connecting python to redis database
I am unable to connect my redis database from my python application (that's running a fastapi server, using redis-py)
I'm using
import redis
r = redis.Redis(
host=HOST,
port=PORT,
password=PASSWORD,
ssl=True,
charset="utf-8",
decode_responses=True
)
and I tried all combinations of host=, with and without port= (of course password from the variables tab)
o) monorail.proxy.rlwy.net
o) REDIS_PRIVATE_URL, i.e. 'redis://default:[email protected]:6379'
o) REDIS_URL, i.e. 'redis://default:[email protected]:31442'
o) 'redis.railway.internal'
o) 'redis' (since the settings says 'You can also simply call me redis')
but nothing's working.
The deployment logs print:
redis://default:[email protected]:6379:6379. Name or service not known.
redis://default:[email protected]:6379. Name or service not known.
redis://default:[email protected]:6379:31442. Name or service not known.
redis://default:[email protected]:6379:31442. Name or service not known.
redis://default:[email protected]:31442:6379. Name or service not known.
redis://default:[email protected]:31442. Name or service not known.
What's the correct settings here for host and port to establish the connection?76 replies