@Invalid - eviltoast
  • 0 Posts
  • 2 Comments
Joined 1 year ago
cake
Cake day: June 19th, 2023

help-circle

  • Cloudflare yes. Even if you aren’t using tunnels it will help obfuscate your real ip. If you are hosting personal services you can also block access from countries you don’t expect to access them from.

    Also it seems most bots scanning domains are checking www and the base domain url. I recommend pointing those at a vps or something like GitHub or substack if you don’t need it for something else.

    Use a reverse proxy that 404s anything besides the subdomains you are actually using. Always use wildcard certs to avoid exposing subdomains and obfuscate your subdomains for common services to make them hard to guess.

    Isolate your servers from the rest of your network with vlans if possible.

    You will never be fully immune so all you can do is add more layers and roadblocks.