I put up a vps with nginx and the logs show dodgy requests within minutes, how do you guys deal with these?

Edit: Thanks for the tips everyone!

  • lemmy@lemmy.nsw2.xyz
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago
    • Turn off password login for SSH and only allow SSH keys
    • Cloudflare tunnel
    • Configure nginx to resolve the real IPs since it will now show a bunch of Cloudflare IPs. See discussion.
    • Use Fail2ban or Crowdsec for additional security for anything that gets past Cloudflare and also monitor SSH logs.
    • Only incoming port that needs to be open now is SSH. If your provider has a web UI console for your VPS you can also close the SSH port, but that’s a bit overkill.