Tecbs<p>Mi máquina virtual estándar sobre <span class="h-card" translate="no"><a href="https://lemmy.ml/c/proxmox" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>proxmox</span></a></span> es definitivamente <span class="h-card" translate="no"><a href="https://fosstodon.org/@alpinelinux" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>alpinelinux</span></a></span><br>Imagen virtual: x86_64</p><p>🔧 Configuración minimalista:</p><p> <a href="https://masto.es/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> en puerto alternativo:</p><p> port 8765</p><p> AllowUsers user1</p><p> PermitRootLogin no</p><p> Usuario con permisos doas:</p><p> /etc/doas.conf → permit persist alpine as root</p><p> Cortafuegos:</p><p> <a href="https://masto.es/tags/UFW" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UFW</span></a> con reglas estrictas</p><p> Control de accesos:</p><p> <a href="https://masto.es/tags/Fail2Ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fail2Ban</span></a> notificando por <a href="https://masto.es/tags/ntfy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ntfy</span></a> cada ban</p><p>✅ Todo en 138 MB, súper eficiente y sin paquetes innecesarios.</p><p><a href="https://masto.es/tags/Proxmox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Proxmox</span></a> <a href="https://masto.es/tags/AlpineLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlpineLinux</span></a> <a href="https://masto.es/tags/Minimalism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Minimalism</span></a> <a href="https://masto.es/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosting</span></a> <a href="https://masto.es/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://masto.es/tags/ntfy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ntfy</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.
Administered by:
Server stats:
16Kactive users
mstdn.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.4
#fail2ban
5 posts · 4 participants · 0 posts today
Jordan<p>Currently over 1k incoming IPs banned in the last 72 hours from my firewall for malicious activity. A new record - Winning! 😂</p><p><a href="https://fosstodon.org/tags/firewall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>firewall</span></a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://fosstodon.org/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://fosstodon.org/tags/scriptkiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scriptkiddies</span></a> <a href="https://fosstodon.org/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>botnet</span></a> <a href="https://fosstodon.org/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> <a href="https://fosstodon.org/tags/wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wordpress</span></a> <a href="https://fosstodon.org/tags/lamers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lamers</span></a> <a href="https://fosstodon.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://fosstodon.org/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a></p>
Marcus<p>So I'm no regex expert, but this filter and jail combo for <a href="https://mastodon.social/tags/Fail2Ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fail2Ban</span></a> seem to be working pretty well at catching the two big scrapers that have been hammering me lately; <a href="https://mastodon.social/tags/Claude" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Claude</span></a> and <a href="https://mastodon.social/tags/Meta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Meta</span></a>. The filter file will obviously have to be revised as new ones arise, but I've got the template figured out so I can just copy and paste and swap out the string I want to check for in a log entry.</p><p>Screenshots are attached.</p>
Marcus<p>The traffic from these <a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a> bots is getting a little ridiculous. They aren't using that much bandwidth, but they're making the spinning rust drives in my personal server (that I have to maintain and pay for) run constantly which means they never get to park and rest during times of inactivity. <a href="https://mastodon.social/tags/Claude" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Claude</span></a> specifically has been hammering me for a week or more 24 hours straight.</p><p>So I'm tinkering with a <a href="https://mastodon.social/tags/Fail2Ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fail2Ban</span></a> filter to block AI bots and scrapers.</p>
Lanie Molinar Carmelo<p>I'm curious to hear what others are <a href="https://allovertheplace.ca/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosting</span></a>! Here's my current setup:</p><p><strong>Hardware & OS</strong></p><ul><li><strong>Hardware:</strong> <a href="https://allovertheplace.ca/tags/RaspberryPi500" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RaspberryPi500</span></a> (8 GB RAM, 512 GB SD card) <a href="https://allovertheplace.ca/tags/RPi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RPi</span></a> <a href="https://allovertheplace.ca/tags/RPi500" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RPi500</span></a> <a href="https://allovertheplace.ca/tags/SingleBoardComputers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleBoardComputers</span></a> <a href="https://allovertheplace.ca/tags/HomeLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HomeLab</span></a></li><li><strong>OS:</strong> <a href="https://allovertheplace.ca/tags/Stormux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Stormux</span></a>, an accessible <a href="https://allovertheplace.ca/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> distro based on <a href="https://allovertheplace.ca/tags/ArchLinuxARM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ArchLinuxARM</span></a> <a href="https://allovertheplace.ca/tags/LinuxAccessibility" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LinuxAccessibility</span></a> <a href="https://allovertheplace.ca/tags/AccessibleTech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AccessibleTech</span></a></li></ul><p><strong>Infrastructure & Networking</strong></p><ul><li><strong>Dashboard:</strong> <a href="https://allovertheplace.ca/tags/Glance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Glance</span></a> (<a href="https://allovertheplace.ca/tags/Docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Docker</span></a>) <a href="https://allovertheplace.ca/tags/DockerApps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DockerApps</span></a></li><li><strong>Reverse Proxy:</strong> <a href="https://allovertheplace.ca/tags/Caddy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Caddy</span></a></li><li><strong>DNS:</strong> <a href="https://allovertheplace.ca/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cloudflare</span></a></li><li><strong>Domain Registrar:</strong> <a href="https://allovertheplace.ca/tags/Porkbun" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Porkbun</span></a></li><li><strong>Networking & Remote Access:</strong> <a href="https://allovertheplace.ca/tags/Tailscale" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tailscale</span></a> (non-Docker), love its SSH agent and magic DNS features. <a href="https://allovertheplace.ca/tags/NetworkSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetworkSecurity</span></a></li></ul><p><strong>Security & Monitoring</strong></p><ul><li><strong>Ad Blocking:</strong> <a href="https://allovertheplace.ca/tags/AdGuardHome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AdGuardHome</span></a> (non-Docker). Previously used PiHole but find AdGuardHome slightly faster. <a href="https://allovertheplace.ca/tags/PrivacyTools" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PrivacyTools</span></a></li><li><strong>Server Monitoring:</strong> <a href="https://allovertheplace.ca/tags/Beszel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Beszel</span></a> (non-Docker). Tried Grafana/Prometheus/Alertmanager (accessible but overkill) and Netdata (poor screen reader accessibility). Beszel isn't perfect but best compromise so far. <a href="https://allovertheplace.ca/tags/ServerMonitoring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ServerMonitoring</span></a></li><li><strong>Server Overview:</strong> <a href="https://allovertheplace.ca/tags/Cockpit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cockpit</span></a> (non-Docker)</li><li><strong>Security Tools:</strong> <a href="https://allovertheplace.ca/tags/Fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fail2ban</span></a>, <a href="https://allovertheplace.ca/tags/FirewallD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FirewallD</span></a>, <a href="https://allovertheplace.ca/tags/ClamAV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ClamAV</span></a>, and <a href="https://allovertheplace.ca/tags/Rkhunter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rkhunter</span></a> (non-Docker). Tried CrowdSec but couldn't get it working on Stormux. <a href="https://allovertheplace.ca/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a></li><li><strong>Service Uptime Monitoring:</strong> <a href="https://allovertheplace.ca/tags/UptimeKuma" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UptimeKuma</span></a> (Docker), accessible and easy to use. <a href="https://allovertheplace.ca/tags/MonitoringTools" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MonitoringTools</span></a></li></ul><p><strong>Authentication & Identity Management</strong></p><ul><li><strong>Authelia</strong> (Docker): Just set this up for two-factor authentication and single sign-on. Seems to be working well so far!<br></li><li><strong>LLDAP</strong> (Docker): Lightweight LDAP server for managing authentication. Also seems to be working pretty well!<br><a href="https://allovertheplace.ca/tags/AuthenticationTools" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AuthenticationTools</span></a> <a href="https://allovertheplace.ca/tags/IdentityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IdentityManagement</span></a></li></ul><p><strong>Productivity & Personal Tools</strong></p><ul><li><strong>Docker Management:</strong> <a href="https://allovertheplace.ca/tags/Dockge" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Dockge</span></a> (Docker). More accessible than Portainer; main issue is built-in terminal isn't readable with screen readers. <a href="https://allovertheplace.ca/tags/DockerCompose" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DockerCompose</span></a></li><li><strong>Docker Logs Viewer:</strong> <a href="https://allovertheplace.ca/tags/Dozzle" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Dozzle</span></a> (Docker), great web interface and easy searching.</li><li><strong>Git Hosting:</strong> <a href="https://allovertheplace.ca/tags/Forgejo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Forgejo</span></a> (non-Docker), my personal Git server. <a href="https://allovertheplace.ca/tags/GitServer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitServer</span></a></li><li><strong>Backups:</strong> <a href="https://allovertheplace.ca/tags/IDrive" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IDrive</span></a> (non-Docker), backs up all my devices easily. <a href="https://allovertheplace.ca/tags/BackupSolutions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BackupSolutions</span></a></li><li><strong>Notes:</strong> <a href="https://allovertheplace.ca/tags/Joplin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Joplin</span></a> server (Docker). Accessibility improving; love the VSCode extension. <a href="https://allovertheplace.ca/tags/NoteTakingApps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NoteTakingApps</span></a></li><li><strong>Bookmarks:</strong> <a href="https://allovertheplace.ca/tags/Linkding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linkding</span></a> (Docker). Accessible bookmark manager with good browser extension support. <a href="https://allovertheplace.ca/tags/BookmarkManager" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BookmarkManager</span></a></li><li><strong>Recipes:</strong> <a href="https://allovertheplace.ca/tags/Mealie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mealie</span></a> (Docker), starting to learn cooking! 🍳📖 <a href="https://allovertheplace.ca/tags/CookingApps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CookingApps</span></a></li><li><strong>RSS Feeds:</strong> <a href="https://allovertheplace.ca/tags/Miniflux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Miniflux</span></a> (non-Docker), excellent accessibility. Originally wanted better podcast support but other options had major accessibility issues. <a href="https://allovertheplace.ca/tags/RSSReader" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RSSReader</span></a></li><li><strong>Automation & Workflows:</strong> <a href="https://allovertheplace.ca/tags/N8N" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>N8N</span></a> (Docker). Haven't explored deeply yet—open to ideas! <a href="https://allovertheplace.ca/tags/AutomationTools" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AutomationTools</span></a> <a href="https://allovertheplace.ca/tags/WorkflowAutomation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WorkflowAutomation</span></a></li><li><strong>Pastebin Service:</strong> <a href="https://allovertheplace.ca/tags/PrivateBin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PrivateBin</span></a> (non-Docker). Considering alternatives or CLI tool for easier console access. <a href="https://allovertheplace.ca/tags/PastebinAlternative" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PastebinAlternative</span></a></li><li><strong>File Sharing & Editing:</strong> <a href="https://allovertheplace.ca/tags/Samba" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Samba</span></a> (non-Docker), easy file management from my Windows 11 mini PC. <a href="https://allovertheplace.ca/tags/FileSharing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FileSharing</span></a> <a href="https://allovertheplace.ca/tags/Windows11" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows11</span></a></li><li><strong>Search Engine:</strong> <a href="https://allovertheplace.ca/tags/SearXNG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SearXNG</span></a> (non-Docker), accessible and searches multiple engines at once. <a href="https://allovertheplace.ca/tags/PrivacySearchEngine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PrivacySearchEngine</span></a></li><li><strong>IRC Client:</strong> <a href="https://allovertheplace.ca/tags/TheLounge" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TheLounge</span></a> (non-Docker). Some accessibility issues but best I've found so far for always-connected IRC. <a href="https://allovertheplace.ca/tags/IRCClient" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IRCClient</span></a></li><li><strong>Read Later Service:</strong> <a href="https://allovertheplace.ca/tags/Wallabag" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Wallabag</span></a> (Docker). Biggest issue is Wallabagger Chrome extension doesn't work for me yet. <a href="https://allovertheplace.ca/tags/ReadItLater" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ReadItLater</span></a></li></ul><p><strong>Notifications & Development Workflow</strong></p><ul><li>Notifications via: <a href="https://allovertheplace.ca/tags/Ntfy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ntfy</span></a> (Docker) and Zoho's ZeptoMail (<a href="https://allovertheplace.ca/tags/Zoho" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Zoho</span></a>)</li><li>Development Environment: Mostly using VSCode connected to my server via Remote-SSH extension. <a href="https://allovertheplace.ca/tags/VSCodeRemote" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VSCodeRemote</span></a></li></ul><p><strong>Accessibility Focus ♿️🖥️</strong></p><p>Accessibility heavily influences my choices—I use a screen reader full-time (<a href="https://allovertheplace.ca/tags/ScreenReader" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ScreenReader</span></a>), so I prioritize services usable without sight (<a href="https://allovertheplace.ca/tags/InclusiveDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InclusiveDesign</span></a>, <a href="https://allovertheplace.ca/tags/DigitalAccessibility" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DigitalAccessibility</span></a>). Always open to discussing accessibility experiences or recommendations!</p><p>I've also experimented with:</p><ul><li>Ollama (<a href="https://allovertheplace.ca/tags/Ollama" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ollama</span></a>): Not enough RAM on my Pi.</li><li>Habit trackers like Beaver Habit Tracker (<a href="https://allovertheplace.ca/tags/HabitTracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HabitTracking</span></a>): Accessibility issues made it unusable for me.</li></ul><p>I don't really have a media collection, so no Plex or Jellyfin here (<a href="https://allovertheplace.ca/tags/MediaServer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MediaServer</span></a>)—but I'm always open to suggestions! I've gotten a bit addicted to exploring new self-hosted services! 😄</p><p>What's your setup like? Any cool services you'd recommend I try?</p><p><a href="https://allovertheplace.ca/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosted</span></a> <a href="https://allovertheplace.ca/tags/LinuxSelfHost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LinuxSelfHost</span></a> <a href="https://allovertheplace.ca/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://allovertheplace.ca/tags/TechCommunity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechCommunity</span></a> <a href="https://allovertheplace.ca/tags/FOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FOSS</span></a> <a href="https://allovertheplace.ca/tags/TechDIY" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechDIY</span></a></p><p><span class="h-card" translate="no"><a href="https://lemmy.ml/c/selfhost" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>selfhost</span></a></span> <span class="h-card" translate="no"><a href="https://lemmy.world/c/selfhosted" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>selfhosted</span></a></span> <span class="h-card" translate="no"><a href="https://a.gup.pe/u/selfhosting" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>selfhosting</span></a></span></p>
Elena Rossini on GoToSocial ⁂<p>🏕️ my adventures in <a href="https://aseachange.com/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosting</span></a> - day 89 ✨</p><p>Oh <a href="https://aseachange.com/tags/peertube" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PeerTube</span></a>, you are making me do mental somersaults as I strategize about the best way to self-host my videos.</p><p>This newbie wants to ask: how many VPS’s are too many for someone who has little coding experience and has been self-hosting for just 3 months?</p><p>Fedi friends, I’m thinking of signing up for a THIRD VPS 😱</p><p>Why?</p><p>My current setup:</p><p>1️⃣ 5€/month Debian VPS with <a href="https://aseachange.com/tags/yunohost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>YunoHost</span></a>, where I’m self-hosting <a href="https://aseachange.com/tags/gotosocial" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoToSocial</span></a> (this account), <a href="https://aseachange.com/tags/friendica" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Friendica</span></a>, <a href="https://aseachange.com/tags/pixelfed" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pixelfed</span></a>, <a href="https://aseachange.com/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fail2Ban</span></a> and <a href="https://aseachange.com/tags/linkstack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LinkStack</span></a>.<br>2️⃣ 5€/month Ubuntu VPS where I am self-hosting my (upcoming) <a href="https://aseachange.com/tags/ghost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ghost</span></a> blog (this will make me save a ton, compared to my current Ghost Pro plan).</p><p>Back to PeerTube: I could easily upgrade my <a href="https://aseachange.com/tags/debian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Debian</span></a> VPS and install it there - the costs would be minimal and I would double my RAM and storage. But I am afraid of PeerTube’s consumption when it comes to bandwidth. As in: if I upload a video that for some reason becomes really popular, or if a bad actor decides to DDOS my channel, would that take down all my other self-hosted Fediverse instances? Since they are on the same VPS?</p><p>I could limit potential issues by having a dedicated VPS just for PeerTube.</p><p>What would you do?</p><p>And do you have recommendations for Europe-based VPS’s with affordable plans? (aside from Hostinger) I was thinking of <a href="https://aseachange.com/tags/hetzner" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hetzner</span></a>…
<br><a href="https://aseachange.com/tags/mysocalledsudolife" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MySoCalledSudoLife</span></a> <a href="https://aseachange.com/tags/askfedi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AskFedi</span></a></p>
Blabla Linux<p><a href="https://mastodon.blablalinux.be/tags/Fail2Ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fail2Ban</span></a> <a href="https://mastodon.blablalinux.be/tags/Nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nginx</span></a> <a href="https://mastodon.blablalinux.be/tags/Proxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Proxy</span></a> <a href="https://mastodon.blablalinux.be/tags/Manager" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Manager</span></a></p>
superrolf<p><span class="h-card" translate="no"><a href="https://digitalcourage.social/@wutti" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>wutti</span></a></span> Leider finde ich den Tröt nicht mehr aber den wesentlichen Link hatte ich gespeichert. Nachdem ich davon ausgehe, dass sie robots.txt geflissentlich ignorieren wird die Umsetzung mit <a href="https://digitalcourage.social/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> sicher zuverlässiger funktionieren. Das steht bei mir auch noch an, aber hier erstmal der Link:<br><a href="https://rainer.sokoll.com/?p=8353" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">rainer.sokoll.com/?p=8353</span><span class="invisible"></span></a></p>
Marcel Waldvogel<p><span class="h-card" translate="no"><a href="https://friendica.sokoll.com/profile/rainer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>rainer</span></a></span> Ja, die können scheinbar auch ganz übel Traffic generieren. Dank etwas Caching sind sie – von der Last her – nie negativ aufgefallen.</p><p>Übrigens: Interessanten Ansatz, die User-Agents via <a href="https://waldvogel.family/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> zu blocken 😎</p><p>(Und ja, ich kenne die «klassischen» (D)DoS-Angriffe seit Jahrzehnten. Und weiss auch, wie man (aus Versehen!) einen aufs Nachbardepartment absetzt…)</p>
Jordan<p>So I go to fold some laundry, and come back to find 25 IPs from the same subnet (VPN provider) banned from my web cluster. They were all scanning for Wordpress vulnerabilities on one of my hosted websites (<a href="https://coolmic.net" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">coolmic.net</span><span class="invisible"></span></a>).</p><p>Just another day in the life of a sysadmin 🙃</p><p><a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://fosstodon.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://fosstodon.org/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://fosstodon.org/tags/scanning" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scanning</span></a> <a href="https://fosstodon.org/tags/vpn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vpn</span></a> <a href="https://fosstodon.org/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sysadmin</span></a> <a href="https://fosstodon.org/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a></p>
Blabla Linux<p>Il y en a qui se prenne des incréments de malade 😉 Ça insiste en tout cas 😎<br><a href="https://mastodon.blablalinux.be/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> <a href="https://mastodon.blablalinux.be/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a></p>
Dorian Daumiller<p><span class="h-card" translate="no"><a href="https://plush.city/@fluffy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fluffy</span></a></span> there's also <a href="https://social.tchncs.de/tags/Crowdsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Crowdsec</span></a>, a bit like <a href="https://social.tchncs.de/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> with shared block lists... So you don't have to maintain that list of IP actresses on your own...</p>
Seanland<p>One month later... <br>Just to put in perspective the one fail2ban rule from this post has blocked 658 unique IP addresses.</p><p><a href="https://seanland.ca/posts/2025-02-06-the-power-of-one-fail2ban-rule" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">seanland.ca/posts/2025-02-06-t</span><span class="invisible">he-power-of-one-fail2ban-rule</span></a></p><p><a href="https://mastodon.snld.ca/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://mastodon.snld.ca/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> <a href="https://mastodon.snld.ca/tags/selfhost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhost</span></a> <a href="https://mastodon.snld.ca/tags/vps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vps</span></a></p>
Elena Rossini on GoToSocial ⁂<p>Good morning Fedi friends!</p><p>I was just checking my <a href="https://aseachange.com/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fail2Ban</span></a> logs and I'm a little taken aback by all the failed login attempts.</p><p>Asking the more experienced amongst you if this is normal?</p><p>The screenshot is from my Ubuntu VPS (which has been active for less than a month):</p><p>total failed: 737;<br>total banned 142.<br>By comparison my other VPS (the one with YunoHost on Debian) has the following stats:</p><p>total failed: 530;<br>total banned: 106.<br>I would definitely beef up my security even more but I don't really understand the security guide on YunoHost. If you have tips for TRUE newbies, I'm all ears :)</p>
Schenkl<p>Die komplette <a href="https://chaos.social/tags/Regex" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Regex</span></a> Logik von <a href="https://chaos.social/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> nach <a href="https://chaos.social/tags/Loki" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Loki</span></a> in <a href="https://chaos.social/tags/logql" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>logql</span></a> übernommen...</p><p>Turns out Loki ist wesentlich performanter als fail2ban.</p><p>Okay, Golang vs. python3 (bzw. pypy3)...<br>Wundert mich jetzt nicht sonderlich.</p><p>Mal sehen wie stabil das läuft :)</p>
Elena Rossini on GoToSocial ⁂<p>"Look ma, I'm coding!" 😜<br><br>Happy to report my <a href="https://aseachange.com/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fail2Ban</span></a> installation was successful and I've enabled one jail so far.<br><br>Now off I go prepare for my Stanford in Florence Zoom call. Will I mention my FOSS journey? You bet! 😆<br><br><a href="https://aseachange.com/tags/mysocalledsudolife" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MySoCalledSudoLife</span></a></p>
Elena Rossini on GoToSocial ⁂<p>🏕️ my adventures in <a href="https://aseachange.com/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosting</span></a> - day 77 ✨<br><br>This morning I'm attempting a manual install of <a href="https://aseachange.com/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fail2Ban</span></a> (that is, with commands, no YunoHost) on my <a href="https://aseachange.com/tags/ubuntu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ubuntu</span></a> VPS.<br><br>I've been greatly enjoying Fail2Ban on my <a href="https://aseachange.com/tags/debian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Debian</span></a> VPS and I'd like to extend the same protections to the VPS with my self-hosted <a href="https://aseachange.com/tags/ghost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ghost</span></a> blog.<br><br>I hope nothing goes wrong because I have a video call with Stanford students at the study abroad program in Florence at 11am (for a women in cinema class, I'm invited every year)... so I don't wanna feel distracted by tech issues, ha!<br><br><a href="https://aseachange.com/tags/mysocalledsudolife" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MySoCalledSudoLife</span></a></p>
James<p>3 Attempts in 30 minutes = 24 hour ban ... </p><p>It's really amazing how many attempts to brute force into servers there are. I mean I set the server up the other day and kerpow .. login attempt .. login attempt .. login attempt. <a href="https://mastodon.ie/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> </p><p>I've debated pulling the blocklist.de IP list in but feel 20k+ entries might be a bit extreme (updating hourly) </p><p>Any thoughts from people who know far more than I do? :)</p>
Blabla Linux<p><a href="https://mastodon.blablalinux.be/tags/Docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Docker</span></a> - <a href="https://mastodon.blablalinux.be/tags/Fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fail2ban</span></a> pour <a href="https://mastodon.blablalinux.be/tags/NPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NPM</span></a> (<a href="https://mastodon.blablalinux.be/tags/Nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nginx</span></a> <a href="https://mastodon.blablalinux.be/tags/Proxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Proxy</span></a> Manager) 😎<br>Bientôt, on évoquera "open <a href="https://mastodon.blablalinux.be/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>appsec</span></a>" 😉</p>
Andreas N. ⁂<p>wenn du die <a href="https://mastodon.social/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> filter anpasst und plötzlich Frieden einkehrt in den Logfiles....</p><p><a href="https://media3.giphy.com/media/v1.Y2lkPTc5MGI3NjExMHJ3czk5ZTNodmhrZm81b2Z0MXQ1djJveWM2OHBmcGNhbzVtbWM3dyZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/ShDxFMNrJRdmCk7wCl/giphy.gif" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">media3.giphy.com/media/v1.Y2lk</span><span class="invisible">PTc5MGI3NjExMHJ3czk5ZTNodmhrZm81b2Z0MXQ1djJveWM2OHBmcGNhbzVtbWM3dyZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/ShDxFMNrJRdmCk7wCl/giphy.gif</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload