anticonnor@lemmy.world to

Selfhosted@lemmy.worldEnglish · 23 hours ago

Where to install fail2ban?

34

Where to install fail2ban?

anticonnor@lemmy.world to

Selfhosted@lemmy.worldEnglish · 23 hours ago

I’ve been doing some selfhosting and want to setup fail2ban for my exposed apps, but am unsure if that should be setup on my router (OpenWRT), on each server that may be exposed, or just in the Caddy container?

My setup right now is: TP-Link router with OpenWRT Lenovo M910q with Proxmox, which hosts the following:

Caddy in a container for reverse proxies to hosted apps
Home Assistant OS in VM#1
Other apps in docker containers on VM#2

Chat

frongt@lemmy.zip
link
fedilink
English
arrow-up
7·
23 hours ago
Don’t modify containers. Send their logs to fail2ban and block things at the edge.
- anticonnor@lemmy.worldOP
  link
  fedilink
  English
  arrow-up
  2
  arrow-down
  1·
  23 hours ago
  I’m still not sure what this means. Run fail2ban on the router or on each VM? Caddy does have a fail2ban module if it makes more sense to run there?
  - Eirikr70@jlai.lu
    link
    fedilink
    English
    arrow-up
    6·
    23 hours ago
    Run it in some place where it can easily read the logs of your apps.
    - anticonnor@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      3·
      22 hours ago
      Thank you both, I’m starting to get it.

Selfhosted@lemmy.world

selfhosted@lemmy.world

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

584 users / day
2.78K users / week
8.22K users / month
16.6K users / 6 months
1 local subscriber
57K subscribers
2.78K Posts
56K Comments
Modlog