Page 1 of 1

Sabnzbd is misbehaving lately

Posted: June 10th, 2021, 4:02 pm
by xtrips
Hello,
My Sabnzbd has been running on my Unraid server for years flawlessly.
Lately suddenly I have had all sorts of problems and messages from Sabnzbd.
Such as:

ERROR 4 hours ago [10/Jun/2021:19:45:34] ENGINE Error in HTTPServer.serve
Traceback (most recent call last):
File "/usr/lib/python3.9/site-packages/cheroot/server.py", line 1810, in serve
self._connections.run(self.expiration_interval)
File "/usr/lib/python3.9/site-packages/cheroot/connections.py", line 201, in run
self._run(expiration_interval)
File "/usr/lib/python3.9/site-packages/cheroot/connections.py", line 218, in _run
new_conn = self._from_server_socket(self.server.socket)
File "/usr/lib/python3.9/site-packages/cheroot/connections.py", line 272, in _from_server_socket
s, ssl_env = self.server.ssl_adapter.wrap(s)
File "/usr/lib/python3.9/site-packages/cheroot/ssl/builtin.py", line 277, in wrap
s = self.context.wrap_socket(
File "/usr/lib/python3.9/ssl.py", line 500, in wrap_socket
return self.sslsocket_class._create(
File "/usr/lib/python3.9/ssl.py", line 1040, in _create
self.do_handshake()
File "/usr/lib/python3.9/ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: BAD_KEY_SHARE] bad key share (_ssl.c:1129)
WARNING 4 hours ago Refused connection from: 23.129.64.143 [Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)]
WARNING 7 hours ago Refused connection from: 167.248.133.54 [Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)]
WARNING 7 hours ago Refused connection from: 167.248.133.54 [None]
WARNING 13 hours ago Refused connection from: 188.161.162.34 [None]
WARNING a day ago Refused connection from: 74.120.14.53 [Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)]
WARNING a day ago Refused connection from: 74.120.14.53 [None]
WARNING 3 days ago Refused connection from: 74.120.14.40 [Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)]
WARNING 3 days ago Refused connection from: 74.120.14.40 [None]
WARNING 3 days ago Refused connection from: 167.248.133.38 [Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)]
WARNING 4 days ago Refused connection from: 188.161.163.175 [None]




I solved some of the problems and at the moment the only issues remaining are these errors coming up all the time and the fact that Sabnzbd won't automatically scan the watched folder anymore. But if I manually trigger a scan from the menu it detects files and starts downloading.

Any idea?

Re: Sabnzbd is misbehaving lately

Posted: June 11th, 2021, 12:10 am
by safihre
Your refused connections looks like your Sab is exposed to the internet. We tightened the security a lot in the last release so these ports scans were happening before too, you just didn't get a notice about it.

The ssl error I'm not sure, do you use https? Can you refresh the certificates?

Re: Sabnzbd is misbehaving lately

Posted: June 11th, 2021, 12:10 am
by sander
You're SABnzbd is reachable from Internet. Do you know & want that?

Code: Select all

ssl.SSLError: [SSL: BAD_KEY_SHARE] bad key share (_ssl.c:1129)
is a robot from Internet, using a bad SSL setup

Code: Select all

WARNING 3 days ago Refused connection from: 74.120.14.40
also a robot trying stuff

So first answer my question.

Plus: which version of SABnzbd are you using

Re: Sabnzbd is misbehaving lately

Posted: June 11th, 2021, 12:39 am
by xtrips
I always used https and opened ports on my router to access sabnzbd with IOS apps. These problems only started in the last 2 weeks.
Maybe I should do things differently?
And my version is 3.3.0
Please advise

Re: Sabnzbd is misbehaving lately

Posted: June 11th, 2021, 1:22 am
by sander
To get rid of robot scanners, the most easy thing is: on your router, do not forward 8080 from the outside to 8080 inside, but on the outside use a weird port like 8111 of 16161 (anything below 65000). That way, you limit the chance a robot finds you.

Plus, possibly:

Since SAB 3.3.0, SAB has more security built in ... read https://sabnzbd.org/wiki/extra/access-denied.html

Re: Sabnzbd is misbehaving lately

Posted: June 11th, 2021, 1:48 am
by xtrips
sander wrote:
June 11th, 2021, 1:22 am
To get rid of robot scanners, the most easy thing is: on your router, do not forward 8080 from the outside to 8080 inside, but on the outside use a weird port like 8111 of 16161 (anything below 65000). That way, you limit the chance a robot finds you.

Plus, possibly:

Since SAB 3.3.0, SAB has more security built in ... read https://sabnzbd.org/wiki/extra/access-denied.html
Did it. Thought https, api key and login was enough. I will monitor the behavior now. Thanks

Re: Sabnzbd is misbehaving lately

Posted: June 11th, 2021, 2:17 am
by sander
xtrips wrote:
June 11th, 2021, 1:48 am
Did it. Thought https, api key and login was enough. I will monitor the behavior now. Thanks
Yes, that is enough to make it secure. But what you saw were warnings by SAB and the underlying webserver about wrong/refused connections. So ... harmless, but indeed annoying. By changing the port, chances are now 100 times lower you get such robot scanners and thus warnings.

Re: Sabnzbd is misbehaving lately

Posted: June 11th, 2021, 2:33 am
by safihre
If you want to disable the warnings, you can go into Config > Specials and disable "api_warnings".

Re: Sabnzbd is misbehaving lately

Posted: June 11th, 2021, 2:45 am
by xtrips
safihre wrote:
June 11th, 2021, 2:33 am
If you want to disable the warnings, you can go into Config > Specials and disable "api_warnings".
I wouldn't do that. I think it will be fine now. Thanks