malicious use #1268

dawidmachon · 2026-02-03T11:50:11Z

dawidmachon
Feb 3, 2026

I have these logs. What means and how debug that malicious user ? I think it's my own healthcheck tool outside from server.

copyparty  | 11:45:48.007 up2k                  failed to initialize volume '/': [Errno 13] Permission denied: b'/w/.hist'
copyparty  | 11:45:48.007 up2k                  0 volumes in 0.00 sec
copyparty  | 11:46:35.282 xxx.xxx.xxx.xxx 53465   GET  / @*
copyparty  | 11:46:35.468 xxx.xxx.xxx.xxx 53469   GET  /?tree= @*
copyparty  | 11:46:35.469 xxx.xxx.xxx.xxx 53467   GET  /?setck=js=y @*
copyparty  | 11:46:35.517 xxx.xxx.xxx.xxx 53469   GET  /?ls @*
copyparty  | 11:46:48.603 xxx.xxx.xxx.xxx 55384      malicious user; Cc in req0 '/?reset=/._"' => '"'

It's deployed on docker. Just compose and config.

Answered by 9001

Feb 3, 2026

your healthcheck is including the character " in the url that it polls for healthcheck, this is illegal and the reason why

View full answer

9001 · 2026-02-03T12:52:35Z

9001
Feb 3, 2026
Maintainer

your healthcheck is including the character " in the url that it polls for healthcheck, this is illegal and the reason why

1 reply

dawidmachon Feb 3, 2026
Author

thanks, you are right.
First error resolved by changing permissions on folder to user running docker. (1000)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

malicious use #1268

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 1 comment 1 reply

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

malicious use #1268

Uh oh!

Uh oh!

dawidmachon Feb 3, 2026

Replies: 1 comment · 1 reply

Uh oh!

9001 Feb 3, 2026 Maintainer

Uh oh!

dawidmachon Feb 3, 2026 Author

dawidmachon
Feb 3, 2026

Replies: 1 comment 1 reply

9001
Feb 3, 2026
Maintainer

dawidmachon Feb 3, 2026
Author