I put up a vps with nginx and the logs show dodgy requests within minutes, how do you guys deal with these?
Edit: Thanks for the tips everyone!
I put up a vps with nginx and the logs show dodgy requests within minutes, how do you guys deal with these?
Edit: Thanks for the tips everyone!
Waf is the way to go I think. Fail2ban has had it’s own issues over the years, and if you use keys then you can forget about the constant SSH attempts. The ‘AllowUsers’ option in your SSH config is a good place to start too.
I just find all of these “lock down port 22” posts to be so noobish. Declarative waf is the way to go
Edit: Red Hat Identity Management (IdM) + Hashicorp Vault if you really care about SSH. Rotate your keys and create new users automatically