ArrowMax

@ArrowMax@feddit.org

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Low resource, Performant WAF⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
WAF custom rules are more flexible, of course, and from a business perspective, I can understand why they would recommend that option instead.

I currently filter on an nginx access log file among other filters (sshd, bot-search, bad-requests) and let fail2ban execute the ban/unban action itself.

From a quick search, it should be possible to handle bans/unbans externally, if that’s what you’re after.
⁨Comment⁩ on ⁨Low resource, Performant WAF⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
FYI, IP access rules don’t count towards the 5 custom rules limit, but the more generous 50k limit.

With fail2ban, you can setup IP access rules via the cftoken-action quite easily.

Security --> WAF --> Tools to access the IP rules in the dashboard. developers.cloudflare.com/waf/…/ip-access-rules/
⁨Comment⁩ on ⁨Self-hosting minecraft⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Hijacking: With the above solution, it’s also super easy to install modpacks and I would recommend Modrinth as both the modded Minecraft launcher and mod-shareplace.

…readthedocs.io/…/mods-and-plugins/

Went the same route last year and had no issues.