How do you deal with malicious requests to your servers? - eviltoast

I put up a vps with nginx and the logs show dodgy requests within minutes, how do you guys deal with these?

Edit: Thanks for the tips everyone!

  • orangeboats@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    ·
    edit-2
    1 year ago

    I only expose services on IPv6, for now that seems to work pretty well - very few scanners (I encounter only 1 or 2 per week, and they seem to connect to port 80/443 only).

      • orangeboats@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Lol, I have heard some ISP horror stories from the Down Under.

        I am fortunate enough that my country’s government has been forcing ISPs to implement IPv6 in their backbone infrastructure, so nowadays all I have to really do is to flick a switch on the router (unfortunately many routers still turn off IPv6 by default) to get an IPv6 connection.

    • Pixel@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Isn’t that akin to security through obscurity… you might want one more layer of defense

      • orangeboats@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        1 year ago

        I still have firewall (that blocks almost all incoming connections) and sshguard setup. I also check the firewall logs daily, blocking IPs that I find to be suspicious.

        I could probably do better, but with so few scanners connecting to my home server, I have managed to sleep way better than back when I setup a server on IPv4!

        Also, even if my home server gets attacked, at least I know that my other devices aren’t sharing the same IP with them… NAT-less is a godsend.