Hi, recently (ironically, right after sharing some of my posts here on Lemmy) I had a higher (than usual, not high in general) number of “attacks” to my website (I am talking about dumb bots, vulnerability scanners and similar stuff). While all of these are not really critical for my site (which is static and minimal), I decided to take some time and implement some generic measures using (mostly) Crowdsec (fail2ban alternative?) and I made a post about that to help someone who might be in a similar situation.

The whole thing is basic, in the sense that is just a way to reduce noise and filter out the simplest attacks, which is what I argue most of people hosting websites should be mostly concerned with.

  • Findmysec@infosec.pub
    link
    fedilink
    English
    arrow-up
    13
    ·
    4 months ago

    Fail2ban + key-based SSH + self-hosted WAF if you can spin up another machine == 80% of your Web hosting problems gone

    • loudwhisper@infosec.pub
      cake
      OP
      link
      fedilink
      English
      arrow-up
      3
      ·
      4 months ago

      That is basically the essence of this post too! Except crowdsec is used to do what fail2ban does + some light form of WAF (without spinning another machine - which is not strictly needed for a WAF, you can use owasp modsecurity-ready proxies).