Ancestors

Written by d00phy on 2024-11-08 at 13:54

Does Caddy or Traefik get me anything I don't already have?

https://lemmy.world/post/21778874

=> More informations about this toot | More toots from d00phy@lemmy.world

Written by N0x0n@lemmy.ml on 2024-11-08 at 14:24

Except that everything I under your control and not managed by a third party, not much I think.

If this setup works for you and you’re happy with it, just keep it going.

If you have time to spare, want to learn new things, tinkerer arround with network security, certificates, DNS, reverse proxy and, and, and… You can give it a try with a virtual machine and docker containers. But keep in mind that’s not an easy way and involves a lot of personal time before you get a GOOD working self-hosted / exposed services.

I wouldn’t recommend to open any port on your router except for a secured tunnel like wireguard and connect to your services through that tunnel. Opening port 443/80 on your router is bound to some heavy automated scanning and brute force by bots. If you don’t have the necessary knowledge/tool/hardware, this is just going to put you at risk of ddos and remote attacks.

That’s way something like cloudflare is populate, they most of the time take care of that nuisance and also why something like wireguard is popular among the selfhosting community.

=> More informations about this toot | More toots from N0x0n@lemmy.ml

Written by mbirth@lemmy.ml on 2024-11-08 at 15:39

I’ve recently introduced CrowdSec and crowdsec-bouncer-traefik-plugin into my setup and it’s really great to see it block all those spam bots and brute force attempts.

=> More informations about this toot | More toots from mbirth@lemmy.ml

Toot

Written by BaroqueInMind@lemmy.one on 2024-11-11 at 12:57

Which crowdsec lists did you use? I’m on the free plan and can only subscribe to three of them and most of everything on the free tier looks like is useless since my Suricata can sync its rules with Proofpoint ET Open rulesets which are significantly more robust

=> More informations about this toot | More toots from BaroqueInMind@lemmy.one

Descendants

Written by mbirth@lemmy.ml on 2024-11-11 at 13:48

I’ve only subscribed to the “Free proxies” blocklist. But these are only additional blocklists. The main attraction of CrowdSec is their “CAPI” (Central API) which has all the current malicious actors detected in the network of CrowdSec instances.

=> More informations about this toot | More toots from mbirth@lemmy.ml

Proxy Information

Original URL: gemini://mastogem.picasoft.net/thread/113464431174563394
Status Code: Success (20)
Meta: text/gemini
Capsule Response Time: 274.640399 milliseconds
Gemini-to-HTML Time: 1.507318 milliseconds

This content has been proxied by September (3851b).