docker-fail2ban
docker-cloudflared
Our great sponsors
docker-fail2ban | docker-cloudflared | |
---|---|---|
9 | 6 | |
594 | 290 | |
- | - | |
6.6 | 7.2 | |
7 months ago | 3 months ago | |
Dockerfile | Dockerfile | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
docker-fail2ban
-
How to secure my self-hosted website?
It does, but it defaults to nftables from (I think) Ubuntu 21 and onwards. So when you're running fail2ban in a docker container, it run an iptables command to block the IP. However, it errors out because nftables is default in Ubuntu 19 onwards (only for new installs). See https://github.com/crazy-max/docker-fail2ban down the page. You can replace the defaults, but I do not want to mess with my docker box at this point!
-
Newbie looking to get a NAS
Nginx Reverse Proxy Manager Lets you redirect traffic from a single machine to all of your VMs and servers as well as manage SSL certificates, you can also do things like deploy Fail2Ban
- Help securing/exposing self-hosted services
-
A working regex for the fallback_access.log in nginx proxy manager
My setup is all docker on the raspberry pi 4 8gb. I can not seem to find a good regex for this log file. All log entries fail when testing. You wish it will put the client entry IP address in iptables. My regex knowledge is zero so I depend on examples (that don't work). I have no problems with the configuration that works fine. The proxy xx access log has a different format, but if someone has a working regex for that file, please let me know. For fail2ban I use https://github.com/crazy-max/docker-fail2ban For NPM I use https://github.com/jc21/nginx-proxy-manager In fail2ban I use the filter.d dir for the conf file. I can see it's loading in the log but the testing from within the docker image gives no result.
-
Possible to redirect container logs to file
My setup right now includes - Rootless Docker (can read and maybe write to journald, syslog seems to require root but maybe I'm wrong) - Fail2ban in a container crazymax/fail2ban
-
Was my raspberry hacked?
If you are running docker for your stuff, crazy-max dockerized fail2ban works well. Just be sure to export any form of logs out of what you want to protect and into the fail2ban container.
-
Is putting fail2ban/ufw in front of Docker+Traefik v2 necessary? How do Docker+Traefik handle the same need?
https://github.com/crazy-max/docker-fail2ban#custom-jails-actions-and-filters
docker-cloudflared
-
An extensive tutorial on how to setup a Pi-Hole
Edit: Also great to see that AGH has secure DNS built in. My Pi-Hole solution required cloudflared [0] for that.
- pihole with DoT, DoH, or DNSCrypt
-
Firefox extends privacy and security of Canadian internet users with by-default DNS-over-HTTPS rollout in Canada
You can forward all unresolved DNS requests to Cloudflare on Pi-hole, but if you want to send them through DNS over HTTPS (DoH) on your network, you will need to forward them to something running cloudflared. Here are 2 docker containers you can use to host on separate network containers: https://github.com/crazy-max/docker-cloudflared, https://github.com/visibilityspots/dockerfile-cloudflared
-
My ISP starts hijacking dns servers so unbound stopped working
My ISP was doing the same thing. It was only fixed after switching to DoH. OP, if you are using docker, you can use this one file solution to setup pihole+cloudflared. Repo source
-
Is this the ultimate self-hosting setup? I think so...
Cloudflared - DNS over HTTPS client that's not tied to Cloudflare (route Pihole requests through this)
What are some alternatives?
Docker Compose - Define and run multi-container applications with Docker
Unbound - Unbound is a validating, recursive, and caching DNS resolver.
crowdsec - CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
docker-php-nginx - Docker image with PHP-FPM 8.3 & Nginx 1.24 on Alpine Linux
DoH
docker-rtorrent-rutorrent - rTorrent and ruTorrent Docker image
Home Assistant - :house_with_garden: Open source home automation that puts local control and privacy first.
docker-matomo - Matomo (formerly Piwik) Docker image
AnonAddy-docker - AnonAddy Docker image
dockprom - Docker hosts and containers monitoring with Prometheus, Grafana, cAdvisor, NodeExporter and AlertManager
node-red-contrib-home-assistant-websocket - Node-RED integration with Home Assistant