laravel-echo-server VS endlessh

Which of these do you use for your realtime Laravel applications? Soketi seems good but documentation doesn't seem that good. Laravel Websockets is mentioned in the official Laravel docs as a Pusher alternative,and Laravel Echo Server looks good but hasn't been updated for a year.

Events are broadcast using Laravel Echo Server, Laravel Websockets, or Soketi. Say on a channel time.

Yeah, we've used https://github.com/tlaverdure/laravel-echo-server in production for years. But our version is modified, restarts in sync with the clients on a schedule, and needs...TLC.

As for the connection error, that is shown because no websocket server is setup and running for your app (also adding to my docs). By default, my messenger-ui NotifyManager.js uses laravel echo and the socketio library, along with laravel-echo-server for the socketio instance.

not websockets, but this looks like a great alternative option https://github.com/tlaverdure/laravel-echo-server

You can reduce the noise a lot by moving ssh to a non standard port. Security through obscurity isn't actually security, but it will reduce the number of attempts you receive. Another thing I like to do is put Endlessh on the standard port 22. That way as bots go by they will get stuck or at least slow down on that connection.

SSH tarpit with Endlessh and for the hidden SSH: auth with both a key files (that need unlocking and is on the computer) AND an One Time Password on my phone.

If you change the ssh port, install https://github.com/skeeto/endlessh to slow down the attackers

Even this requires you to successfully guess the username and password correctly, and if it's just not the default most people won't bother brute forcing further. Sidenote: you can use endlessh on a computer and port forward port 22 to trap scanners that scan the entire internet for open ssh ports to exploit.

The fun way is moving your ssh port somewhere else and installing endlessh to f the bots.

Such as endlessh

But, as a prank to Chinese hackers, what I did on my system was to run endless ssh. It keeps the ssh client busy as it slowly sends the ssh banner. I modified the code to send strings like:

For hardening: I use lynis for some guidance, the VPS runs rkhunter, AIDE and other things nightly and mails me the reports, fail2ban manages the SSH port, having SSH on a custom port helps to keep things quiet. If you're into these kind of things, have a look at the Endlessh tarpit to learn about login attempts on port 22 on your machine - I found it eye-opening.