-
crowdsec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
CrowdSec is free and open source and started out as a modern version of Fail2Ban but has evolved into so much more. Bascially it consists of an agent which parses your logs and detect attacks and send anonymized information of those to the CrowdSec consensus engine which determines if a given ip is bad or not - and receives information on current blockslists. The other part of the CrowdSec software is the bouncer which blocks traffic based on the intelligence it receives. There's a bouncer for iptables/nftables and pf as well as for nginx, wordpress, php in general and even for Cloudflare :-). See more at https://crowdsec.net/. Disclaimer: I am head of community at CrowdSec and an avid user myself. This setup would require a little bit of fiddling in which I would be more than happy to help you out as much as I can. You could also watch the talk I did a few days ago at ShellCon outlining design and use cases in a 40 min technical talk at http://www.youtube.com/watch?v=vZgl00UcATw&t=138m26s.
Yes that's the easiest way to do it. Recently I wanted to have HTTPS locally for some apps to make my life easier (and also not route my traffic through the VPS when I'm at home). I therefore did some DNS stuff on Adguard to point `example.com` to the second caddy server instead of to the VPS. To do that I had to make some changes upstream so now the traffic is proxied down from the VPS over HTTPS and I can connect to the second server via HTTPS too. You can see my updated Caddyfiles here and here. But that's pretty advanced and just terminating SSL on the VPS was much easier/simpler.