Comment on So I kind of set up another level of security well not really more of a gate to

ne20002@fedi.0x42.ch ⁨5⁩ ⁨days⁩ ago

@pasjrwoctx I use ModSecurity and the xbl.spamhaus.org. This keeps away a lot of scanners and other bad stuff.
I also startet with Anubis in front of all my services, friendica among them, and try to dig a bit deeper into the rule sets.
It's the same as with ModSecurity and all the other similar tools: the default works more or less but is a general rule set and not quite optimized for a Fediverse server.
I wonder if we should find a common place to share rule sets for Anubis, ModSecurity and other tools as well as best practices on how to set up the tools.

I also realized that many callers, even thought legit fediverse servers, have not properly implemented http headers as Accept or Content-Type. Makes a correct filtering more complicated.

original
Sort:hotnewtop