cross-posted from: https://reddthat.com/post/39309359

I’ve been running Home Assistant for three years. It’s port forwarded on default port 8123 via a reverse proxy in a dedicated VM serving it over HTTPS and is accessible over ipv4 and ipv6. All user accounts have MFA enabled.

I see a notification every time there’s a failed login attempt, but every single one is either me or someone in my house. I’ve never seen a notification for any other attempts from the internet. Not a single one.

Is this normal? Or am I missing something? I expected it to be hammered with random failed logins.

  • JASN_DE@feddit.org
    link
    fedilink
    English
    arrow-up
    30
    arrow-down
    1
    ·
    edit-2
    6 months ago

    Probably simply not a lucrative target for automated scanning/attacks, unlike e.g. ssh.

    Edit: or WordPress. My logs are full of those, until Crowdsec hits.