Sorry to dig up this thread, but I'm running into the same problem, and in my case it is somewhat necessary to host teddyCloud publicly.
I restarted the container to clear the warning and tried to trigger the alert/warning/log again using curl, but did not manage to; all I get is:
teddycloud | INFO |server.c:0897:server_init| 1 open HTTPS Web connections
teddycloud | WARN |server_helpers.c:0820:httpServerUriUnauthorizedCallback| >> 401 on /robots.txt
teddycloud | INFO |server.c:0897:server_init| 0 open HTTPS Web connections
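For reference, this is roughly how I tried to trigger it (hostname and credentials are placeholders, not my real setup):

```shell
# Placeholder hostname/credentials -- adjust to your own deployment.
HOST="teddycloud.example.com"

# Without credentials: the security mitigation should answer 401.
# -k skips certificate verification (self-signed cert in my case),
# -w prints only the HTTP status code so 401 vs 200 is easy to spot.
curl -sk -o /dev/null -w "no-auth:   %{http_code}\n" "https://$HOST/robots.txt" || true

# With the htpasswd credentials apache2 expects (HTTP Basic auth via -u).
curl -sk -o /dev/null -w "with-auth: %{http_code}\n" -u "user:password" "https://$HOST/robots.txt" || true
```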
How can I authorize against teddyCloud, and how did some unknown crawler manage to do so?
As far as I can tell, the initial incident was triggered here:
teddycloud | WARN |handler_security_mit.c:0135:handleSecMitRobotsTxt| robots.txt access detected with User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11
I am still running v0.6.0 while trying to reproduce the incident.
Port 80 is reverse proxied through apache2 with htpasswd authentication.
Port 8443 is not exposed.
Port 443 is TLS-proxied through HAProxy and working more or less fine.
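For context, the apache2 side is essentially a standard htpasswd-protected reverse proxy; a minimal sketch (hostname, htpasswd path, and the backend address are assumptions, not my exact config):

```apache
<VirtualHost *:80>
    ServerName teddycloud.example.com

    # Every request needs a valid htpasswd entry before it is proxied.
    <Location "/">
        AuthType Basic
        AuthName "teddyCloud"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user
    </Location>

    # Forward to the teddyCloud web port inside the container
    # (127.0.0.1:80 is an assumption; adjust to your port mapping).
    ProxyPreserveHost On
    ProxyPass        "/" "http://127.0.0.1:80/"
    ProxyPassReverse "/" "http://127.0.0.1:80/"
</VirtualHost>
```

If I understand mod_proxy correctly, the client's Authorization header is forwarded to the backend along with the other request headers, so teddyCloud would see the same Basic credentials the crawler sent to apache2 — which might explain how an "authenticated" request reached it.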
Still, the security mitigation should not care about proxies. Some crawler tried to access /robots.txt and, if I read the teddyCloud logs correctly, somehow managed to authenticate.
And I fail to reproduce it by accessing /robots.txt myself, as I only get a 401 Unauthorized error, as described in the first post.
The robots.txt mitigation is triggered when the file is accessed via the web ports 8443 and 80.
Once the incident has been triggered, only a restart of teddyCloud clears the lock.