MY OctroPrint Just Got Hacked

What is the problem?
In the middle of a print, my printer paused and OctoPrint had an uploaded gcode file as shown in the attached pic.

What did you already try to solve it?
Nothing--don't know what to do.

Logs (octoprint.log, serial.log or output on terminal tab at a minimum, browser error console if UI issue ... no logs, no support!)

octoprint.log (60.7 KB)
Additional information about your setup (OctoPrint version, OctoPi version, printer, firmware, browser, operating system, ... as much data as possible)
Raspberry Pi 3 B+

Do you use port forwarding or something like that to remotely connect to your octoprint?

I shut down the print and am going to start from scratch. And I mean “scratch”… the latest OctoPrint, re-flash the Pi and re-install, taking precautions not to leave anything exposed.

It’s been more than two years since I set it up originally and it’s time anyway. I have more experience now with both OctoPrint and the Pi.

The screenshot shows that you have access control disabled, which OctoPrint explicitly warns you against. ESPECIALLY if you put your instance on the net.

This doesn't look like it got hacked, this looks like you put it on the public internet without any protection and then someone who apparently was nice about it showed you that this is a really bloody bad idea (which again is why OctoPrint warns you against it like there is no tomorrow).


I’m sure you’re right…I was pretty much a noob when I set this up originally (with both Pi, OctoPrint and 3d printing). I just wish he/she could have let me know somehow without killing a 13 hour print right at the end. My bad, but still….

You seem pretty knowledgeable about this stuff, so let me ask a side question:

I have installed the latest version of OctoPi (0.17.0) and did a clean install to the SD card. I booted the Pi and went thru the setup process. It is on my LAN (192.168.0.XX) and I can access it with PuTTY. I changed the password, hostname and set the location. But when I go to http://192.168.0.XX (or http:/{hostname.local} (either http or https), I just get a white screen. Any ideas? Thanks!

You may want to try forcing a refresh of the page in your browser to avoid any cache related issues. Hold down your ctrl key and press F5.

And also check your router if there is any port forwarding activated

1 Like

Or worse - DMZ

1 Like

Consider yourself lucky that it was a White Hat Hacker.

1 Like

I do indeed. I also found a couple of other issues I corrected when I re-installed OctoPi. I now have the correct settings and I thank all of you for your help.