I put up a vps with nginx and the logs show dodgy requests within minutes, how do you guys deal with these?

Edit: Thanks for the tips everyone!

  • dinosaurdynasty@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    2
    ·
    1 year ago

    Yup, there are many ways of doing that. Most reverse proxies should support basic auth (easy, but browser UX is terrible and it breaks websockets) or TLS client auth (even worse browser UX, phones are awful).

    The best thing is do something like Caddy + Authelia (which is what I currently do with most things, with exceptions for specific user agents and IPs for apps that require it, aka non-browser stuff like Jellyfin),