I put up a vps with nginx and the logs show dodgy requests within minutes, how do you guys deal with these?

Edit: Thanks for the tips everyone!

  • apigban
    link
    fedilink
    English
    41 year ago

    Depends on what kind of service the malicious requests are hitting.

    Fail2ban can be used for a wide range of services.

    I don’t have a public facing service (except for a honeypot), but I’ve used fail2ban before on public ssh/webauth/openvpn endpoint.

    For a blog, you might be well served by a WAF, I’ve used modsec before, not sure if there’s anything that’s newer.