I put up a vps with nginx and the logs show dodgy requests within minutes, how do you guys deal with these?

Edit: Thanks for the tips everyone!

  • orangeboats@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    I only expose services on IPv6, for now that seems to work pretty well - very few scanners (I encounter only 1 or 2 per week, and they seem to connect to port 80/443 only).

    • Pixel@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Isn’t that akin to security through obscurity… you might want one more layer of defense

      • orangeboats@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        1 year ago

        I still have firewall (that blocks almost all incoming connections) and sshguard setup. I also check the firewall logs daily, blocking IPs that I find to be suspicious.

        I could probably do better, but with so few scanners connecting to my home server, I have managed to sleep way better than back when I setup a server on IPv4!

        Also, even if my home server gets attacked, at least I know that my other devices aren’t sharing the same IP with them… NAT-less is a godsend.

      • orangeboats@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        Lol, I have heard some ISP horror stories from the Down Under.

        I am fortunate enough that my country’s government has been forcing ISPs to implement IPv6 in their backbone infrastructure, so nowadays all I have to really do is to flick a switch on the router (unfortunately many routers still turn off IPv6 by default) to get an IPv6 connection.

        • 🅱🅴🅿🅿🅸@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 year ago

          Yeah the internet services here are really stuck in the past. Hard to tell if theyre taking advantage of the scarcity of ipv4 addresses to make more money somehow, or of theyre just too fuckn lazy