I instailed dietpi a few weeks ago with plex and few other stuff like sonarr and radarr. But there a few weeks ago random torrents were always getting added to bittorrent, so i put a password on it and it stopped that. but now i noticed on my router my dietpi server is opening port 8999 and if i go to that port on the browser its just a bunch of random letters and seical characters and also its opening port ranage 22000 to 5832, any way to figure out whats going on here seems werid.
Disable upnp nat on the router, it is a security hole. Open manually the ports you need to be forwarded to the lan.
definitely, upnp is something you should not have active.
Is one of our BitTorrent implementations setup without a password-protection by default? I recognised in case of rTorrent that not with all webservers the RPC socket proxy was password-protected together with the ruTorrent front-end, but that is solved already.
A pain that UPnP is still a way to open ports/enable forwarding on routers. I wonder why there has never been developed a secure password-protected API for this 
.