If you're self-hosting a service that is exposed to the internet, I wrote a Fail2ban guide to help you protect it

This page summarizes the projects mentioned and recommended in the original post on /r/selfhosted
Testing Security electron-app GUI / Web Testing Linux

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • crowdsec

    CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

    • Great guide! Just want to point out that while fail2ban is an excellent tool there are alternatives around that could be worth looking into. Most notable is CrowdSec. It's free, open source and collaborative in the sense that users are sharing information about attacks thereby effectively helping each other out. Other main differences is that it's able to detect more advanced attacks like slow-bf, L7 DDoS, bot sraping, scalping and much more. Also it blocks traffic on firewall level or directly in a given application such as nginx, traefik and much more. There's even native support for Cloudflare, Fastly and the ability to read logs from various cloud providers. And much, much more.

  • docker-swag

    Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.

    • You could use something like linuxserver.io's SWAG to provide reverse proxy with integrated fail2ban across multiple services.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • locust

    Write scalable load tests in plain Python 🚗💨

    • If you're looking for a way to load test or stress test your setup, you can try it with k6, locust or Loader

  • insomnia

    The open-source, cross-platform API client for GraphQL, REST, WebSockets, SSE and gRPC. With Cloud, Local and Git storage.

    • A simpler solution I like to take sometimes is to just use an API client (my favorite is Insomnia) and write a test suite for an API call and make it so that it runs multiple times.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts