Something strange happened(security related)

I created a test instance of Gitea on a server exposed to the internet. However, it is exposed only by IP and is not disclosed.

Today I just noticed a strange user account, which I didn’t register. He simply registered(july 1 2023) on my Gitea server that is not indexed by any search engine. How can be this possible?

user: sgitramp


1 Like

did you leave registration open?

if something is accessible across the net SOMEONE will find it


Thanks for the reply.

I don’t remember changing about the behavior of registering. I didn’t believe that someone would find my server so fast. Less than two weeks. Is Gitea a beacon broadcasting the existence of the server? This sounds like a security flaw. As much as I leave registration open, no one should find it that fast. As I said, it is not registered in any search engine. And it’s an IP, not an address.


not a security flaw, the web is full of script kiddies… 1-2 weeks for a machine with an accessible IP is standard and once an IP is known people/scripts will ping it to find what ports are open and then try to break in.

So people finding your machine by just the IP isn’t a security flaw, its what everyone has to contend with. Now how someone was able to register… 99.999% sure public registration will be enabled (its enabled by default) Config Cheat Sheet | Gitea Documentation

Please check your app.ini to see if DISABLE_REGISTRATION is set to TRUE


Thanks for the clarification.