It's very abnormal. Only public ports are 80 and 443 and checked by an ngf. What bad configuration can set nginx to open connections to ips and ports starting from a request on port 80/443? There's some specific settings i can check?by gibo - Other discussion
Yes it is. But the question is: can be compromised by an nginx exploit? It's the only service installed and without any site hosted directly. Only proxied sites.by gibo - Other discussion
gibo Wrote: ------------------------------------------------------- > Good morning, > > i've notice on my firewall some strange connections (denied) starting > from an nginx based reverse proxy located in a dmz. > Connections starts from the machine and point some random ips and port > all over the world (on common ports like 21, 6667, 22, etc.). > This nginx is conby gibo - Other discussion
Good morning, i've notice on my firewall some strange connections (denied) starting from an nginx based reverse proxy located in a dmz. Connections starts from the machine and point some random ips and port all over the world (on common ports like 21, 6667, 22, etc.). This nginx is configured only as reverse proxy without any cgi and htdocs installed so can be this an exploit? Debian 10by gibo - Other discussion