I am using linux traccar server 5.5 setup for mysql. Traccar has been working well for us for many years, including a custom app by Anton & company that incorporates traccar features. Recently I noticed some bogus entries in tc_devices, and then tc_users. The admin/admin password had not been changed after setup on new server, my fault. I fixed that.
I can delete bogus users from the admin login, now with changed password.
The first batch of bogus users/devices was about 3 months ago, the second batch a few weeks.
My question is, if I use mysql to delete all the bogus entries from tc_devices, will this create a problem?
Thanks
Mike
list of users as of 12/6/24
MariaDB [traccar]> select id, name from tc_users;
+----+----------------------------------+
| id | name |
+----+----------------------------------+
| 1 | admin |
| 2 | eco |
| 3 | onthego |
| 5 | Maria |
| 6 | 70412c277df31b4b6b3de31f82c37545 |
| 7 | af32edbce7853a028d54b357131ee08b |
| 8 | 71f12b22d2b54b20f54f978cc82ff1e9 |
| 9 | 185695bc066c8576c79175ed6d9b630c |
| 10 | f50e7fe3ace1580cc80f04aff62b392d |
| 11 | djpyg |
| 12 | ahqat |
| 13 | loxzu |
| 14 | uiwfm |
| 15 | hicgwvyl |
| 16 | jjleqlgn |
| 17 | jfrbphoy |
| 18 | muibiauy |
+----+----------------------------------+
17 rows in set (0.000 sec)
The tc_devices are what I noticed first:
MariaDB [traccar]> select id, name from tc_devices;
+----+--------------------------+
| id | name |
+----+--------------------------+
| 1 | Galaxy traccar |
| 2 | iphone onthego #2 |
| 3 | galaxy app |
| 4 | tab1 |
| 5 | tab2 |
| 6 | tab3 |
| 7 | tab4 |
| 10 | Gianni |
| 11 | Yovi 7 |
| 12 | Danitza 6 |
| 13 | eco1 |
| 14 | eco2 |
| 15 | eco3 |
| 16 | eco4 |
| 17 | Yovi traccar |
| 18 | mc tablet |
| 26 | eco_ipad |
| 27 | Leticia |
| 28 | mc iphone |
| 29 | zte |
| 31 | SLO Cleaning |
| 32 | fc379a510ed87814e2068027 |
| 33 | a0f67f17d7dfc6601c00aa49 |
| 34 | 2cc121d13a70e4e06abfc805 |
| 35 | 6bdfd20f5ca00ecaf5075840 |
| 36 | 2f4859bc1f51987a655ff162 |
| 37 | Nick |
| 38 | Miguel Colombo iphone |
| 39 | lrylbcki |
| 40 | nnnxbykn |
| 41 | heikqg |
| 42 | eejzqg |
| 43 | pixel new |
| 44 | Meylin |
| 45 | pixel traccar |
| 46 | kR7b8rPLbYgIv7cz |
| 47 | Sr8ayxxpR0w3qNxM |
| 48 | fMqJ6mcN0mxkwFfB |
| 49 | RvCCQtCznE5ds7oK |
| 50 | xxx |
+----+--------------------------+
40 rows in set (0.000 sec)
I have just disabled the bogus users
Hacked or you never disabled public registration?
Never changed the admin/admin password. Did that this morning. Is there another way to disable public registration?
Yes, in the server settings.
So uncheck the Registration Permission?
I am using linux traccar server 5.5 setup for mysql. Traccar has been working well for us for many years, including a custom app by Anton & company that incorporates traccar features. Recently I noticed some bogus entries in tc_devices, and then tc_users. The admin/admin password had not been changed after setup on new server, my fault. I fixed that.
I can delete bogus users from the admin login, now with changed password.
The first batch of bogus users/devices was about 3 months ago, the second batch a few weeks.
My question is, if I use mysql to delete all the bogus entries from tc_devices, will this create a problem?
Thanks
Mike