Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Reduce visibility to spam bots via KnockD

    Feature Requests
    networking firewall
    2
    2
    58
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • robi
      robi last edited by girish

      Certain services, like ssh get a lot of attention from bots if the port is open.

      It would be nice to remove being the attention of such scans by closing those affected ports.

      Since we still need to use them, they can be enabled for us specifically via port knocking.

      Combined with temporary IP whitelisting, keeping related connections open in IPtables, and cleaning up the white list/port after IP change/inactivity, that would keep things nicely automated, and reduce the amount of logging and CPU necessary.

      It could also be nicely adapted to the remote Cloudron support process.

      Life of Gratitude.
      Life of Gifts

      P 1 Reply Last reply Reply Quote 3
      • P
        p44 @robi last edited by

        @robi Wow Robi, this is a great feature request!!! Just yesterday one of my Cloudron instances got a lot of traffic to email for a bruteforce attack.

        @girish I think this feature have to put on the top of the list to improve safety but also to reduce workload of instances and network traffic...

        Schermata 2021-01-13 alle 09.49.21.png

        This is a statping how network performances was impacted before and later bruteforce.

        Also, need a robust alert system - email or other - to let us know that something is happens.

        1 Reply Last reply Reply Quote 1
        • First post
          Last post