this post was submitted on 12 Dec 2024
35 points (94.9% liked)

Selfhosted

Ok, it's me again. I've been checking the sampled logs on my Cloudflare website and I've noticed some very particular requests:

Some context: I'm hosting my own static website (a personal blog) at home and serving it to the internet through a Cloudflare tunnel.

Upon inspecting them, it seems like they are bots and web crawlers trying to access directories and files that don't exist on my server (since I'm not using WordPress). While I don't really have any credentials or anything to lose on my website and these attacks are harmless so far, this is kinda scary.

Should I worry? Is this normal internet behaviour? Should I expect even worse kinds of attacks? What can I do to improve security on my website and try to block these kinds of requests/attacks?

I'm still a noob, so this is a good opportunity for learning.

Thanks

[–] [email protected] 30 points 1 month ago* (last edited 1 month ago) (1 children)

That looks like the internet. Every server gets bombarded with these requests. Generally: Use good passwords, make sure your software blocks bots brute-forcing passwords, after some sane amount of tries... Keep everything updated...

If you want some more attacks, install a mailserver. Or expose VNC/Windows Remote Desktop or a VOIP server. That gets the bots really worked up.

[–] [email protected] 18 points 1 month ago (2 children)
[–] [email protected] 14 points 1 month ago (1 children)

Just make sure you actually enable the jails/filters for the services you use ... I've seen people just install it and that will by default just protect ssh and leave everything else as is.

[–] [email protected] 2 points 1 month ago (1 children)

With fail2ban, a single bot behind a NAT can make the site inaccessible for all users behind that NAT.

[–] [email protected] 4 points 1 month ago

That's true, but might not really be a problem for most. Just set the jail time to something short (a few minutes, maybe an hour).
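
The NAT trade-off from the last two comments, as an added example (a simplified model, not fail2ban's code and not from any commenter): it replays an access log through a per-IP ban rule and shows how the ban time bounds the collateral block on a reader who shares an address with a scanner. The log lines, the `PROBE` pattern and the names `replay` and `SAMPLE_LOG` are constructed for illustration; `maxretry`, `findtime` and `bantime` mirror fail2ban's jail options.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample (combined log format). 203.0.113.7 is a NAT address shared
# by a scanner and an ordinary reader. The log stands in for *attempted*
# requests; a real firewall ban would drop the blocked ones before logging.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Dec/2024:10:00:01 +0000] "GET /wp-login.php HTTP/1.1" 404 153
203.0.113.7 - - [12/Dec/2024:10:00:02 +0000] "GET /wp-admin/setup-config.php HTTP/1.1" 404 153
203.0.113.7 - - [12/Dec/2024:10:00:03 +0000] "GET /xmlrpc.php HTTP/1.1" 404 153
203.0.113.7 - - [12/Dec/2024:10:02:00 +0000] "GET /posts/hello/ HTTP/1.1" 200 5120
198.51.100.9 - - [12/Dec/2024:10:03:00 +0000] "GET /posts/hello/ HTTP/1.1" 200 5120
203.0.113.7 - - [12/Dec/2024:10:12:00 +0000] "GET /posts/hello/ HTTP/1.1" 200 5120
"""

LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" (\d{3}) ')
PROBE = re.compile(r"^/(wp-login\.php|wp-admin/|xmlrpc\.php)")  # assumed pattern

def replay(log, maxretry=3, findtime=600, bantime=300):
    """Return (ip, path, 'served' | 'blocked') for every request, in order."""
    hits = defaultdict(deque)  # ip -> times of recent probe 404s
    banned_until = {}          # ip -> epoch second at which the ban expires
    out = []
    for line in log.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ip, ts, path, status = m.groups()
        now = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z").timestamp()
        if banned_until.get(ip, 0) > now:
            out.append((ip, path, "blocked"))
            continue
        out.append((ip, path, "served"))
        if status == "404" and PROBE.match(path):
            q = hits[ip]
            q.append(now)
            while q[0] < now - findtime:  # forget failures older than findtime
                q.popleft()
            if len(q) >= maxretry:        # threshold reached: ban the address
                banned_until[ip] = now + bantime
                q.clear()
    return out

if __name__ == "__main__":
    for bantime in (300, 86400):  # 5 minutes vs. 1 day
        print(bantime, [v for _, _, v in replay(SAMPLE_LOG, bantime=bantime)])
```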