[-] teapot@programming.dev 46 points 1 year ago

Anything exposed to the internet will get probed by malicious traffic looking for vulnerabilities. Best thing you can do is to lock down your server.

Here's what I usually do:

  • Install and configure fail2ban
  • Configure SSH to only allow SSH keys
  • Configure a firewall to only allow access to public services, if a service only needs to be accessible by you then whitelist your own IP. Alternatively install a VPN

teapot

joined 1 year ago