Set up my server 2 days ago and hackers already on it!! Geeeeze!! 😂😂

Hackers or just bots trying to get access?

Just a bunch of script kiddies

Yeah each of my servers gets around 30K attempts per day haha.

Welcome to this world!

@alexbrooklyn idk to be honest. Looked up the IP's and they came from

-Germany
-Norway
-China 2x

@linuxxx OMG!! This is my first sever, so I was not expecting this. 30k would freak me out! 😱😱

I know it’s fun and all to set up your own server, but I find it’s better to just use ANY cloud provider. Cost money, but these kinds of shit are blocked automatically

don't sweat it, they're just bots trying to find access and setup files that you shouldn't leave like wordress setup file and so on

@NoToJavaScript True, though about it and u said it, the price always stop me. I've used AWS and Azure only the free tiers/trials. Maybe if my next app makes money I'll switch, but for now, have to with my server.

@DivSyntax I manage 20-40 servers haha. I'm used to this and have software running to mitigate automatically.

Next to that I've got a notification System in place which notifies me when a new SSH session starts so unless someone uses a zero day RCE (Remote Code Execution) vulnerability, I'll be alerted the second someone gets in :)

@linuxxx Yeeeeeeah, gonna try and set this up on mines. 👍

Bastille or similar maybe?

Botnet recruiters :)

make sure to never use default passwords [or simple ones for the matter].

And set up your iptables/firewalld in restrictive mode.

DO NOT allow root ssh logins unless you have a password that is so random and strong that neither dict-attacks nor bruteforce would crack them in this decade.

As for other users - only key auth

@linuxxx do you have any software recommendations for logging activity such as bots/users attempting to access a server?

@amoux In a webserver context or?

@shakur The brute force stuff? CSF (search for this as "csf firewall" since its also a medical thing 😅)