docker 安装fecshop的方式,也就是通过:https://github.com/fecshop/yii2_fecshop_docker
由于mongodb没有用户名和密码,进而造成可以远程访问,@kyohaha 遇到了这个问题:http://www.fecshop.com/topic/1176
,数据库被清空,收到了勒索信息
"_id" : ObjectId("5b304ddb79620f990b69f9b9"),
"BitCoin" : "3GKioTFrCFYcTmZR4DXPGatTXXp6Ugcq79",
"eMail" : "backupservice@protonmail.com",
"Exchange" : "https://localbitcoins.com",
"Solution" : "Your Database is downloaded and backed up on our secured servers. To recover your lost data: Send 0.4 BTC to our BitCoin Address and Contact us by eMail with your server IP Address and a Proof of Payment. Any eMail without your server IP Address and a Proof of Payment together will be ignored. You can apply for a backup summary within 12 hours. Then we will delete the backup. You are welcome!"
这个已经进行了修复,也就是把除了web
容器外的其他的ports
去掉即可,也就是其他的不开放对外端口。
替换后,重启docker-compose
docker-compose stop
docker-compose up -d
官方的配置都进行了修复:
https://github.com/fecshop/yii2_fecshop_docker/blob/master/docker-compose.yml
请docker安装的尽快修复这个问题。
该bug反馈来自于帖子:http://www.fecshop.com/topic/1176