github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 08:05:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #4844] [Feature Request] frp服务器开放的端口遭受持续暴力攻击, 有解决办法吗(脚本或者插件)? #3825

New issue
Closed
opened 2026-05-05 14:26:46 -06:00 by gitea-mirror · 7 comments
gitea-mirror commented 2026-05-05 14:26:46 -06:00
Owner
Copy link

Originally created by @siwind on GitHub (Jun 21, 2025).
Original GitHub issue: https://github.com/fatedier/frp/issues/4844

Describe the feature request

frp服务非常好用,但是对下述的暴力穷举攻击,
不知道有没有好的解决方法,下面是frps.log文件的部分输出:
(从windows日志看,这个暴力尝试的方法来自于 127.0.0.1的IP地址, 无法屏蔽IP,只能在frps服务端想办法了)

2025-06-21 01:40:00.173 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:34454]
2025-06-21 01:40:00.583 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:13074]
2025-06-21 01:40:02.562 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:44870]
2025-06-21 01:40:03.105 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:25994]
2025-06-21 01:40:05.083 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:56040]
2025-06-21 01:40:05.763 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:40026]
2025-06-21 01:40:07.328 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:6672]
2025-06-21 01:40:08.411 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:53477]
2025-06-21 01:40:09.720 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:17676]
2025-06-21 01:40:10.813 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:8027]
2025-06-21 01:40:12.192 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:29132]
2025-06-21 01:40:13.304 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:19950]
2025-06-21 01:40:14.884 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:41349]
2025-06-21 01:40:15.552 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:31274]
2025-06-21 01:40:18.009 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:52544]
2025-06-21 01:40:18.197 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:44033]
2025-06-21 01:40:20.332 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:55009]
2025-06-21 01:40:22.547 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:7117]
2025-06-21 01:40:24.844 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:19515]
2025-06-21 01:40:27.133 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:30598]
2025-06-21 01:40:29.780 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:44788]
2025-06-21 01:40:32.200 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:57303]
2025-06-21 01:40:34.575 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:10718]

Describe alternatives you've considered

No response

Affected area

  • Docs
  • Installation
  • Performance and Scalability
  • Security
  • User Experience
  • Test and Release
  • Developer Infrastructure
  • Client Plugin
  • Server Plugin
  • Extensions
  • Others
Originally created by @siwind on GitHub (Jun 21, 2025). Original GitHub issue: https://github.com/fatedier/frp/issues/4844 ### Describe the feature request frp服务非常好用,但是对下述的暴力穷举攻击, 不知道有没有好的解决方法,下面是frps.log文件的部分输出: (从windows日志看,这个暴力尝试的方法来自于 127.0.0.1的IP地址, 无法屏蔽IP,只能在frps服务端想办法了) ``` 2025-06-21 01:40:00.173 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:34454] 2025-06-21 01:40:00.583 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:13074] 2025-06-21 01:40:02.562 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:44870] 2025-06-21 01:40:03.105 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:25994] 2025-06-21 01:40:05.083 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:56040] 2025-06-21 01:40:05.763 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:40026] 2025-06-21 01:40:07.328 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:6672] 2025-06-21 01:40:08.411 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:53477] 2025-06-21 01:40:09.720 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:17676] 2025-06-21 01:40:10.813 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:8027] 2025-06-21 01:40:12.192 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:29132] 2025-06-21 01:40:13.304 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:19950] 2025-06-21 01:40:14.884 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:41349] 2025-06-21 01:40:15.552 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:31274] 2025-06-21 01:40:18.009 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.2:52544] 2025-06-21 01:40:18.197 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:44033] 2025-06-21 01:40:20.332 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:55009] 2025-06-21 01:40:22.547 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:7117] 2025-06-21 01:40:24.844 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:19515] 2025-06-21 01:40:27.133 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:30598] 2025-06-21 01:40:29.780 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:44788] 2025-06-21 01:40:32.200 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:57303] 2025-06-21 01:40:34.575 [I] [proxy/proxy.go:204] [fe85c8d315254c46] [win11-home-microsoft] get a user connection [88.210.63.3:10718] ``` ### Describe alternatives you've considered _No response_ ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [ ] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others
gitea-mirror 2026-05-05 14:26:46 -06:00
gitea-mirror commented 2026-05-05 14:26:50 -06:00
Author
Owner
Copy link

@xqzr commented on GitHub (Jun 21, 2025):

远离 IPv4

<!-- gh-comment-id:2993634615 --> @xqzr commented on GitHub (Jun 21, 2025): 远离 IPv**4**
gitea-mirror commented 2026-05-05 14:26:51 -06:00
Author
Owner
Copy link

@siwind commented on GitHub (Jun 26, 2025):

解决方法有2种:

  1. 使用frp的stcp方式连接 (缺点,不能随时随地使用任意windows连接)
  2. 插件方式(只是设想)
    在服务器上部署插件,通过读取frps的日志,并判断如果10分钟之内的连接次数(失败)超过阈值(例如10次),
    则封禁此攻击者IP。
    (这种方式,保留了随时远程访问的能力,但是需要插件提供对暴力破解的封禁功能)
<!-- gh-comment-id:3008862933 --> @siwind commented on GitHub (Jun 26, 2025): 解决方法有2种: 1) 使用frp的stcp方式连接 (缺点,不能随时随地使用任意windows连接) 2) 插件方式(只是设想) 在服务器上部署插件,通过读取frps的日志,并判断如果10分钟之内的连接次数(失败)超过阈值(例如10次), 则封禁此攻击者IP。 (这种方式,保留了随时远程访问的能力,但是需要插件提供对暴力破解的封禁功能)
gitea-mirror commented 2026-05-05 14:26:51 -06:00
Author
Owner
Copy link

@XuruiPro commented on GitHub (Jul 7, 2025):

写个脚本监听frp日志,ip地址太频繁就把ip地址写入/etc/hosts.deny文件

<!-- gh-comment-id:3043397559 --> @XuruiPro commented on GitHub (Jul 7, 2025): 写个脚本监听frp日志,ip地址太频繁就把ip地址写入/etc/hosts.deny文件
gitea-mirror commented 2026-05-05 14:26:52 -06:00
Author
Owner
Copy link

@litrycn commented on GitHub (Jul 8, 2025):

frps 加个管理的插件
https://github.com/gofrp/plugin

<!-- gh-comment-id:3047108780 --> @litrycn commented on GitHub (Jul 8, 2025): frps 加个管理的插件 https://github.com/gofrp/plugin
gitea-mirror commented 2026-05-05 14:26:53 -06:00
Author
Owner
Copy link

@seaskydl commented on GitHub (Jul 16, 2025):

considering using fail2ban in frp server side.

<!-- gh-comment-id:3076287838 --> @seaskydl commented on GitHub (Jul 16, 2025): considering using fail2ban in frp server side.
gitea-mirror commented 2026-05-05 14:26:53 -06:00
Author
Owner
Copy link

@seaskydl commented on GitHub (Jul 16, 2025):

For frp project owner, suggest to have a server side function to mange connection security.

<!-- gh-comment-id:3076301989 --> @seaskydl commented on GitHub (Jul 16, 2025): For frp project owner, suggest to have a server side function to mange connection security.
gitea-mirror commented 2026-05-05 14:26:54 -06:00
Author
Owner
Copy link

@github-actions[bot] commented on GitHub (Jul 30, 2025):

Issues go stale after 14d of inactivity. Stale issues rot after an additional 3d of inactivity and eventually close.

<!-- gh-comment-id:3134516519 --> @github-actions[bot] commented on GitHub (Jul 30, 2025): Issues go stale after 14d of inactivity. Stale issues rot after an additional 3d of inactivity and eventually close.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#3825
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?