143
How do you deal with malicious requests to your servers? (lemmy.dbzer0.com)
submitted 2 years ago* (last edited 2 years ago) by jcal@lemmy.dbzer0.com to c/selfhosted@lemmy.world
77 comments fedilink hide all child comments

I put up a vps with nginx and the logs show dodgy requests within minutes, how do you guys deal with these?

Edit: Thanks for the tips everyone!

you are viewing a single comment's thread
view the rest of the comments
[-] AngryHippy@lemmy.world 23 points 2 years ago

Fail2ban and Nginx Proxy Manager. Here's a tutorial on getting started with Fail2ban:

https://github.com/yes-youcan/bitwarden-fail2ban-libressl

[-] Pete90@feddit.de 3 points 2 years ago

I really wanted to use this and set it up a while ago. Works great but in the end I had to deactivate it, because my nextcloud instance would cause too many false positives (404s and such) and I would ban my own up way too often.

[-] AES@lemmy.ronsmans.eu 2 points 2 years ago

Crowdsec is more advanced

[-] SeeJayEmm@lemmy.procrastinati.org 1 points 2 years ago

Does it integrate with NPM?

[-] AES@lemmy.ronsmans.eu 4 points 2 years ago

Yes it does! You find everything on the site. It is very well documented.

[-] SeeJayEmm@lemmy.procrastinati.org 2 points 2 years ago

Ok, so I spent way too much time tonight trying to figure this out, made a mess of my npm, and fixed it.

It is very well documented.

Official documentation on using crowdsec with NPM is out of date and relies on a fork that's no longer maintained. I'm trying to find any documentation on how to integrate the bouncer into the official NPM project and am really coming up empty.

[-] AES@lemmy.ronsmans.eu 1 points 2 years ago* (last edited 2 years ago)

You only need the unmaintaind version (official PR is in the works: https://github.com/NginxProxyManager/nginx-proxy-manager/pull/2677 ) if you want to bounce at the NPM level (aka: with a captcha). At the moment I am using crowdsec to parse the NPM logs (and some other logs) and bounce at the IP tables level on my VPS ( block only) and at the opnsense firewall level (also block only) at home.

this post was submitted on 08 Jul 2023
143 points (100.0% liked)

Selfhosted

59794 readers
315 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world