ArrowMax

joined 8 months ago
sorted by: new top controversial old
Low resource, Performant WAF in c/selfhosted@lemmy.world
[–] ArrowMax@feddit.org 2 points 12 hours ago

WAF custom rules are more flexible, of course, and from a business perspective, I can understand why they would recommend that option instead.

I currently filter on an nginx access log file among other filters (sshd, bot-search, bad-requests) and let fail2ban execute the ban/unban action itself.

From a quick search, it should be possible to handle bans/unbans externally, if that's what you're after.

Low resource, Performant WAF in c/selfhosted@lemmy.world
[–] ArrowMax@feddit.org 6 points 21 hours ago (2 children)

FYI, IP access rules don't count towards the 5 custom rules limit, but the more generous 50k limit.

With fail2ban, you can setup IP access rules via the cftoken-action quite easily.

Security --> WAF --> Tools to access the IP rules in the dashboard. https://developers.cloudflare.com/waf/tools/ip-access-rules/

Self-hosting minecraft in c/selfhosted@lemmy.world
[–] ArrowMax@feddit.org 1 points 3 days ago

Hijacking: With the above solution, it's also super easy to install modpacks and I would recommend Modrinth as both the modded Minecraft launcher and mod-shareplace.

https://docker-minecraft-server.readthedocs.io/en/latest/mods-and-plugins/

Went the same route last year and had no issues.