Connectivity Problem with Application Deployment - Rate limiting. Waiting and restarting did not help

Technical Support
,
1

System Information

Field Value
Operating System Linux - Ubuntu 20.04.6 on x86_64
Product AMP ‘Callisto’ v2.5.1.8 (Mainline)
Virtualization None
Application Application Deployment
Module ADSModule
Running in Container No
Current State Indeterminate

Problem Description

Issue

Rate limited - try again later The auth server at http://localhost:8080/ is not accepting login requests from you at this time. Please wait several minutes before trying again.

Reproduction Steps

  • Updated to latest AMP version
  • Restarted all instances
  • Waited 5+ minutes
  • Click “manage” get error in detailed description
2

There’s a botnet spamming SSH/SFTP at the moment.
Block 188.190.10.x in your firewall (eg if you use ufw: ufw insert 1 deny from 188.190.10.0/24)
Then restart the ADS instance from the command line to clear the rate limit:
ampinstmgr restart ADS01

3

I’ve tried that. Got feedback that the rule updated, restarted the instance, but same behavior returned less than 5 minutes later.

4

image
image1454×287 48.4 KB

yeah same thing here and I have no idea where it’s from. It’s always thoses sames, and I have no clue what’s their IP to be able to block them.

5

Some users are having trouble adding firewall rules to their setups for whatever reason, doesn’t seem to be related to AMP, as I’ve been able to do it fine on multiple Ubuntu/Debian installs

6

The IPs are logged inside the instances, it’s the same set of IPs attacking everyone.

7

Thanks for the message I found them and they correspond to the ones you said thank you!

8

Yeah, once there’s a fix in place the IP logging should line up

9

I set up fail2ban to automatically ban those spamming ip adresses.
If youre interrested in using fail2ban, here is my configuration:

create or update the file /etc/fail2ban/jail.local (maybe you need to update your port range):

[sftp-amp]
enabled  = true
port     = 3224:3229
filter   = sftp-amp
logpath  = /home/amp/.ampdata/instances/**/AMP_Logs/*.log
maxretry = 5
bantime  = 3600
findtime = 600
backend  = auto

create the file /etc/fail2ban/filter.d/sftp-amp.conf:

[INCLUDES]
before = common.conf

[Definition]
failregex = .*SFTP authentication denied for .*@<HOST>
            .*Authentication failure for .* from <HOST>
ignoreregex =
10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.