ACTION REQUIRED - Important Crypto.org Chain RPC Security Update (20 June 2021)
Hello, Crypto.org Chain Validator Node Operators:
It has been brought to our attention that an attack on selected validator nodes is being attempted. The attack targets validator nodes with their RPC ports open (in non-compliance with standard security best practices) and is performed by sending large amounts of RPC queries via the open ports. A few validator nodes were impacted by this and went down.
Check and restrict access of the RPC port (default port is 26657 and 1317) to be accessed internally ONLY so that it is not directly exposed. You can check this in the configuration file located in “.chain-maind/config/config.toml” and “.chain-maind/config/app.toml”.
For AWS/Azure 1-click Deployment users, you might consider updating your security group rules. For example, see https://crypto.org/docs/getting-started/aws-1click.html#step-2-6-configure-security-group.
Set up sentry nodes following the guidelines here: https://docs.tendermint.com/master/nodes/validators.html#setting-up-a-validator
Do checks against this Validator Security Best Practices Checklist to fine-tune your setup for further protection.