This is a continuation of my other post

I now have homeassistant, immich, and authentik docker containers exposed to the open internet. Homeassistant has built in 2FA and authentik is being used as the authentication for immich which supports 2FA. I went ahead and blocked connections from every country except for my own via cloudlfare (I’m aware this does almost nothing but I feel better about it).

At the moment, if my machine became compromised, I wouldn’t know. How do I monitor these docker containers? What’s a good way to block IPs based on failed login attempts? Is there a tool that could alert me if my machine was compromised? Any recommendations?

EDIT: Oh, and if you have any recommendations for settings I should change in the cloudflare dashboard, that would be great too; there’s a ton of options in there and a lot of them are defaulted to “off”

  • Xanza@lemm.eeEnglish
    11·
    22 hours ago

    I don’t know what kind of firewall you use, but if my firewall is down there is NO traffic at all passing through!

    Only a hardware firewall would do this. If it’s software, like implied in your post, no traffic is filtered and all connections are accepted.

    VPN is the least amount of work for the most secure setup. There’s nothing to even argue, its superior in every way.

    • peregus@lemmy.worldEnglish
      1·
      21 hours ago

      Only a hardware firewall would do this. If it’s software, like implied in your post, no traffic is filtered and all connections are accepted.

      Talking abut netfilter, since it manages also the forwardning, it for some strange reason it should crash, NO IP traffic is flowing

      VPN is the least amount of work for the most secure setup. There’s nothing to even argue, its superior in every way.

      If there’s nothing to even argue, then I say goodby to you since I’m here to discuss. All the best!