PiSignage Open-source Server Admin username and password issue

Question

PiSignage Open-source Server Admin username and password issue

Opened this issue 3 years ago · 6 comments

Hi,

My newly built PiSignage server resets my admin username and password every few days, my groups and registered players are also gone ever time it resets. Except for the playlist and assets they are still present. Please advise. Many thanks!

Answer 1 · 2021-12-27T07:32:59.000Z

Looks like mongodb is not setup properly or not connected. playlists and assets are files and do not use database

Answer 2 · 2021-12-27T17:43:16.000Z

How do you check if the mongodb is working properly under the docker container? Thanks!

Answer 3 · 2022-04-04T07:42:15.000Z

I have the same issue. Is there a known solution already?

Answer 4 · 2022-07-16T05:02:01.000Z

Can you check with the latest update?

Answer 5 · 2023-11-30T18:36:19.000Z

This is happening because your server is getting ransomware. If you use the docker install for open source server it exposes the Mongo port to the outside world which means anyone can access your database without credentials. mongodb://SERVERIP:27017 will allow direct access to all of your pisignage information.

Specifically in the yml file
ports:
- 27017:27017

is exposing your database. If you were to download Compass by Mongo and enter the connection string you will see that your database has a file from the ransomware attackers with instructions to decrypt your database.

As far as a fix, you would need to look into if 27017 needs to be open for the outside world as I am not too familiar with docker ports but I did do enough digging to figure out this was indeed ransomware causing this.

TLDR:
Ransomware due to port 27017 being exposed to the outside world without authentication so any attacker can find your server IP and have access to your data.

Answer 6 · 2023-12-01T03:25:35.000Z

Simply blocking mongo port on wan port of your router will solve this.