Yeah, that’s a fair point. I’ve been surprised to see a website is Wordpress from time to time.
As far as /wp-admin goes, I know all about that! Any web server I’ve run is constantly overrun with bots trying to hack it. A lot of times I configure nginx to simply drop connections to any URL ending in .php or GZIP bomb.
I’ve looked into it a few times and it just seemed complicated to do within a Docker container but I could be wrong. I might have ChatGPT guide me on that endeavor.
But I also recommend you to change the SSH port to another, is simple and pretty effective as all those bots are always using the default port and not doing a deep scan.
Thanks! Though I’m mainly only wanting to protect ports 80 and 443. Usually when it comes to web apps I Dockerize it and call it a day, so there is no SSH daemon hanging around.
Yeah for personal stuff I prefer my own stuff, but for business I find Fly to be phenomenal. I can always “SSH” into a container if needed (though it’s definitely not SSH).
Yeah, that’s a fair point. I’ve been surprised to see a website is Wordpress from time to time.
As far as
/wp-admingoes, I know all about that! Any web server I’ve run is constantly overrun with bots trying to hack it. A lot of times I configure nginx to simply drop connections to any URL ending in.phpor GZIP bomb.I suppose you also configure some
fail2banrules to ban those bots. Seems to be the easier way.I’ve looked into it a few times and it just seemed complicated to do within a Docker container but I could be wrong. I might have ChatGPT guide me on that endeavor.
There is a guide how to protect password brute force over SSH, which is the most attacked https://medium.com/@bnay14/installing-and-configuring-fail2ban-to-secure-ssh-1e4e56324b19
But I also recommend you to change the SSH port to another, is simple and pretty effective as all those bots are always using the default port and not doing a deep scan.
Thanks! Though I’m mainly only wanting to protect ports 80 and 443. Usually when it comes to web apps I Dockerize it and call it a day, so there is no SSH daemon hanging around.
Oh well, I only run services on my cloud, so I need to get SSH to manage them. hehehe 😄
Yeah for personal stuff I prefer my own stuff, but for business I find Fly to be phenomenal. I can always “SSH” into a container if needed (though it’s definitely not SSH).