this post was submitted on 20 Mar 2025
Technology
fail2ban will always get you better results than banning countries because VPNs are a thing.
that said, I automatically ban any IP that comes from outside the US because there's literally no reason for anyone outside the US to make requests to my infra. I still use smart IP filtering though.
also, use a WAF on a NAT to expose your apps.
I'm familiar with f2b. I even have several clients licensed with the commercial version but it doesn't fit this use case as there's no logon failure for it to work with.
I have systems set up with geo-blocking but it's of limited use due to the prevalence of VPNs.
This isn't a solution either because a WAF has no way to know what traffic is bad so it doesn't know what to block.