Comment on What's the real danger of opening ports?

blargh513@sh.itjust.works ⁨21⁩ ⁨hours⁩ ago

Get a WAF. Sophos firewall is free if you want to diy. If not, use cloudflare.

Opening ports, logging, monitoring, nailing up allow listed IP addresses and dicking around with fail2ban is such a timesuck. None of that crap will stop something from exploiting a vulnerability.

Some things are worth farming out to a 3rd party. Plus, you can just point your DNS entry over and be mostly done. No more dynamic IP bs.

source
Sort:hotnewtop