Comment on where do the instances actually reside?
spacedancer@lemmy.world 1 year agoYou’ll need to have some monitoring in place. Firewall logs, packet capture (i.e. wireshark), security onion, and a bunch of other security logging/monitoring tools. If you’re hosting on the cloud, your provider may have some free tools you can use (i.e. CASB).
dandroid@dandroid.app 1 year ago
I’m currently hosting on a spare computer that I had lying around that I installed Linux on. So I’ll probably need to do some research and set this up.
My dad had a web page recently get attacked, and they ended up injecting a program into his server and it started executing itself. He didn’t look into what it was actually running, but I can’t imagine it was doing anything good. Like, if it were just crypto mining, that would be a best case scenario. I’m sure it got in because he never updates anything. He was running his web page on a very, very old version of php, with a very old version of apache2 as the webserver.
I just want to make sure that I’m aware of if someone is trying to do something similar to me.