WebQuery can crash the server

Hello, how are you? It has happened to me 2 times in a row and it seems strange to me, I leave the crashdump. To know if you can help me if the error is from my vps or is it something from the server that needs to be fixed

https://www.mediafire.com/file/6gjy01reiq97lr5/crashdumps.rar/file

1 Like

Same here, random as of today.

1 Like

It happened again today, I’m full of crashdump

1 Like

Get the fix

5 Likes

Having similar issues as described above.
It does seem like ddos attacks or a new exploit are causing these crashes.
When more connections attempt to reach the server, it just crashes. The server has always been ddos’d, but only for the past weak does it crash, so it seems like something new.
I’ll test with the experimental version and advise.

Edit: There was no improvement. The crashes were caused after a larger amount of http queries were made (port 10080). And by larger, I mean a VERY small number, so this looks like a vulnerability.
Blocking port 10080 seems to have mitigated the crashes.

3 Likes

What does teamspeak use port 10080 for?

This is the WebQuery (http) Port. :slight_smile:

1 Like

Yes. Web query HTTP port.
I tried to change it but for some reason it doesn’t change it with the query_http_port command.

There is no command for this port.
There are only start parameters that can be used on server instance start

query_http_port=10080 and query_https_port=10443

2 Likes

We are going to fix this and release a beta

Meanwhile following options exist to avoid the crash

  • Close ports 10080 TCP and 10443 TCP from outside connections. So you can still use the WebQuery from local connection.
  • Change the ports with start parameters query_http_port=10080 and query_https_port=10443
  • Setup a reserve web server (like Nginx) in front of the WebQuery
2 Likes

10022 Port

what is that port from?

This is the ServerQuery (SSH) :slight_smile:

If you don’t know which Port TeamSpeak is using, please follow this guide:

Get the fix

3 Likes

Thank you. :slight_smile:

1 Like

Update the server, within minutes the server banned all connection query from port 10011. Yatqa, ranking pages such as gametracker, tsviewer and others where we are registered.
I included their ip’s in the white list, it remains the same. Every certain time the server blocks the connection

A few people are complaining about this.
I’ve tested it on 3.13.3 and the current beta version and got no issue.
Part of the tests are scans each second, fetching the client list and spamming messages to a user.
Non of that would result in the issuer being banned (temporarily).

Make sure to set the parameter query_skipbruteforcecheck=1 on server start.

As mentioned above crashes should be fixed by the currently available beta version.
I’ve not issued any crash so far since updating to the beta version.

what does that parameter do

If enabled it works like every query ip would be on the query_ip_whitelist.

I don’t think that’s accurate.
I’m not 100% sure about this but…

Flood and bruteforce protection should be two different things.
According to the currently available docs they are.

query_skipbruteforcecheck (0)
If set to “1”, the server will skip the bruteforce protection for whitelisted Ip addresses for the ServerQuery interface.
Default: 0 -> bruteforce protection is enabled

query_ip_allowlist (query_ip_allowlist.txt)
The file containing allowed IP addresses for the ServerQuery interface. All hosts listed in this file will be ignored by the ServerQuery flood protection.

The amount of his mentioned services logging in with/without logout can probably trigger the bruteforce protection.

Make sure the IP addresses of all services are whitelisted AND the start parameter query_skipbruteforcecheck is set to 1.
(as mentioned in my previous message)

1 Like

@FakE Thanks for the clarification. :slight_smile:

1 Like
twitch instagram twitter facebook