Using Fail2ban to protect exposed services | arvind.io
arvind.io
Fail2ban is a software application that protects you from brute-force attacks. The most common use-case is to protect your server's publicly exposed SSH service from being an easy target. If that is your only goal, you might find it quicker to follow the steps from this article by Linode for...

I’m wondering if I’m starting to outgrow Tailscale… my wife keeps having networking issues on Android due to Tailscale, the Nvidia Shield kills the Tailscale app randomly, and my parents’ TV doesn’t have a Tailscale app…

I feel like the time is approaching to publicly expose some of my services to the internet…

Any other tips?

  • priapus@piefed.socialEnglish
    3·
    11 hours ago

    I have all my services behind a reverse proxy and use Crowdsec to monitor and block automated attacks. I also have pocket-id for auth, I use SSO for apps that support it and others just require authentication to access them at all. The docs are pretty solid, it was easy to set up.

    Make sure you know the services running on your server, the most likely way you could get attacked is by just leaving some vulnerable or misconfigured software running and accessible.

    Also I’d probably set up account lockouts on any software you can, I know Jellyfin supports it.