How do you deal with malicious requests to your servers?
How do you deal with malicious requests to your servers?
I put up a vps with nginx and the logs show dodgy requests within minutes, how do you guys deal with these?
Edit: Thanks for the tips everyone!
You're viewing a single thread.
Nothing too fancy other than following the recommended security practices. And to be aware of and regularly monitor the potential security holes of the servers/services I have open.
Even though semi-related, and commonly frowned upon by admins, I have unattended upgrades on my servers and my most of my services are auto-updated. If an update breaks a service, I guess its an opportunity to earn some more stripes.
Why is unattended upgrades frowned upon? Seems like I good idea all round to me?
Mostly because stability is usually prioritized above all else on servers. There's also a multitude of other legit reasons.
All the legit reasons mentioned in the blog post seem to apply to badly behaved client software. Using a good and stable server OS avoids most of the negatives.
Unattended Upgrades on Debian for example will by default only apply security updates. I see no reason why this would harm stability more than running a potentially unpatched system.
Even though minimal, the risk of security patches introducing new changes to your software is still there as we all have different ideas on how/what correct software updates should look like.
Fair, I'd just rather have a broken system than a compromised one.
Hell, debian is usually so stable I would just run dist-upgrade on my laptop every morning.
The difference there is that I’d be working with my laptop regularly and would notice problems more quickly