Postgres dying after many failed logins
| От | Lynn Carol Johnson |
|---|---|
| Тема | Postgres dying after many failed logins |
| Дата | |
| Msg-id | 58143128-71A6-4C51-9BCD-35105A385FA8@cornell.edu обсуждение исходный текст |
| Ответы |
Re: Postgres dying after many failed logins
(Vijaykumar Jain <vijaykumarjain.github@gmail.com>)
Re: Postgres dying after many failed logins (Tom Lane <tgl@sss.pgh.pa.us>) Re: Postgres dying after many failed logins (Rui DeSousa <rui@crazybean.net>) |
| Список | pgsql-admin |
Hello all- I have a postgres instance running on an AWS ec2 machine (not RDS ). It is receiving many hits from the hacker address 209.141.53.139. Because this address has been implicated in hacker attempts previously, I have the pg_hba.conf set to explicitlyreject this address ( so I can see how many times it hits). https://www.abuseipdb.com/check/209.141.53.139 Note there are other restrictions on which addresses are allowed to connect, and we have non-default passwords setup on thisdb. I'm finding that after postgres is hit by and rejects many connections, it dies. I haven't been able to find any documentationthat explains failed connections causing the server to die but that is what I'm seeing. In the log file thereare multiple of these messages: 2021-11-04 15:14:46.537 UTC [1513486] postgres@postgres FATAL: pg_hba.conf rejects connection for host "209.141.53.139",user "postgres", database "postgres", SSL on 2021-11-04 15:14:46.709 UTC [1513488] postgres@postgres FATAL: pg_hba.conf rejects connection for host "209.141.53.139",user "postgres", database "postgres", SSL off 2021-11-04 15:14:48.566 UTC [1513494] postgres@postgres FATAL: pg_hba.conf rejects connection for host "209.141.53.139",user "postgres", database "postgres", SSL on 2021-11-04 15:14:48.761 UTC [1513505] postgres@postgres FATAL: pg_hba.conf rejects connection for host "209.141.53.139",user "postgres", database "postgres", SSL off .... 2021-11-05 11:13:49.519 UTC [1834715] postgres@postgres FATAL: pg_hba.conf rejects connection for host "209.141.53.139",user "postgres", database "postgres", SSL on 2021-11-05 11:13:49.702 UTC [1834718] postgres@postgres FATAL: pg_hba.conf rejects connection for host "209.141.53.139",user "postgres", database "postgres", SSL off 2021-11-05 14:35:09.197 UTC [1451469] LOG: received smart shutdown request 2021-11-05 14:35:09.222 UTC [1451660] postgres@breedbase FATAL: terminating connection due to administrator command 2021-11-05 14:35:09.222 UTC [1451662] postgres@breedbase FATAL: terminating connection due to administrator command And after the time span seen here, the log shows a smart shutdown request message shown above. All connections are terminatedand the system is shut down. My question: Is this expected behavior, ie that the server will shutdown after hours of failed attempts? Is there anythingI can do to prevent this, or further secure the database? The hackers are unsuccessful due to the rejected connections,but it is a problem that the database server is continually shut down. Thanks - Lynn
В списке pgsql-admin по дате отправления:
Предыдущее
От: Holger JakobsДата:
Сообщение: Re: Looking for help to migrate Oracle PL SQL code to PGSQL code