AWS Intrusion Attempts by an ec2 with ERPNext on it

Frappe Framework Bug
1

Hey all,

so on 26th of march i had launched an ec2 instance with ERPNext 13 using the AMI (link: http://build.erpnext.com/ERPNext-Production.ova), on 1st April i got an email from AWS saying that the instance was hitting other servers

the email just gives a small part of the log file, but to diagnose the issue i would require the entire log file, but aws also blocked the outbound ports so now i can ssh in ?

i don’t know what to really do here, any suggestions would be great

Thanks

2

Are you sure that you replaced all default passwords that the ova uses?
If no: I would recommend to terminate the instance and start fresh, first action to adapt default pwds.

1 Like
3

oh yea lol :sweat_smile:, idk how i missed that
thanks