Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Look into ufw (or iptables/nftables if you want to go deeper) to restrict outbound network access. Note though that Docker containers won't respect host firewall rules by default, so I created whalewall to easily manage container firewall rules: https://github.com/capnspacehook/whalewall
I use their free plan so I can't tell about any other plan. In order to protect all your services, you just have to deploy Crowdsec once, give it access to the logs of all your existing services and set up the relevant bouncers (reverse proxy and probably Cloudflare). You must also give it the relevant collections from https://hub.crowdsec.net/ such as https://hub.crowdsec.net/author/crowdsecurity/collections/nextcloud