Intro Unless you’re a sysadmin or worked with GNU/Linux servers for a long time, it’s very possible that you’ve never heard about a chroot jail. This is a very old topic, seriously, I learned how to create a jail about 15 years ago, yet it remains a very useful concept today. Let’s say you have your own server, and you decide to mount your own mini-hosting project. Somehow, you need to give your users access via SSH so they can do their stuff.
Intro Hi, in this post, we are going to protect our web server against undesired path enumeration. There are several bots out there trying to exploit known vulnerabilities or abuse default configurations. This post is the continuation of Secure your ssh server with fail2ban, ensure you have at least fail2ban installed and running. After I enabled access logs for my web server, I began checking them. There were a lot of funny and scary requests as you can see in the image.
Intro Days ago, I bought my first VPS with Debian 12 installed. Just a few days after it was up and running, I began checking the system logs, where the SSH service caught my attention. To my surprise, there were several attempts to connect to port 22, including some brute-forcing attempts to access users that didn’t exist on my server. I mean, I know it’s a public IP and the World Wide Web, but come on, not even 48 hours online and I’ve already had several intrusion attempts, mostly coming from Asia.