Security error or glitch with ghost docker image and hosted on AWS using ECS and EC2

Yavishth · December 18, 2023, 10:09am

Hi All, In a few past couple weeks I have been coming in every monday just to see that someone has touched my blog page and deleted various kind of featured images, sometimes title of blogs and sometimes even changed my hierarchy of titles.

When I check the history, i do not find anyone doing any changes or the ghost does not show it.
This morning it went a little extreme as I could not see any of the images and titles of blogs posted in the last week.

I have attached the proof, and I would like to know what changes can be made and who’s fault is it.

Ghost hosted by creating its docker image and hosted on AWS using ECS and EC2.

Cathy_Sarisky · December 19, 2023, 5:17pm

That’s very strange, although the attached image doesn’t help me understand the problem much.

I’d check for unexpected users under Staff (check all categories). Change the passwords. I’d also check for unexpected API keys under integrations, and regenerate API keys for integrations that are supposed to be there.

Any services like Zapier or Make set up, that might be allowed to edit your site?

You should also investigate whether your install on AWS is secured. Are there default passwords somewhere that need to be changed? Is there anything informative in your AWS logs?

Topic		Replies	Views
AWS/Docker: Unable to post the blog on my website through a self hosted ghost page Self-hosting	36	471	January 23, 2024
Ghost + EC2 + CloudFront = strange admin UI Installation	1	1030	December 5, 2018
Ghost not secured and no site preview \| Docker, Nginx Proxy Manager Using Ghost	0	514	February 8, 2023
Images not showing up on my blog Developer help	0	1239	June 20, 2021
Ghost Docker fail2ban configuration to block traffic from script kiddies & botnets? Self-hosting	0	453	October 25, 2022

Security error or glitch with ghost docker image and hosted on AWS using ECS and EC2

Related topics