<![CDATA[#homeLab fun...Randomly checked my #graylog dashboard for self hosted webserver.]]> fun...
Randomly checked my dashboard for self hosted webserver. Oh someone was trying various WordPress vulns again... Let's see the inbound IPs...
Oh,... Oh no. The call is coming from inside the network! In the 192.168.1.0/24 group...
K, check that host... Oh yeah 🤦♂️ that's the node that hosts the externally visible reverse proxy service.
Derp,
Well, at least reconfiguration of the proxy and webserver to carry the real client IP was fairly straightforward. Just something I missed during my initial, and subsequent, configuration.

Though somewhat risky, connecting computers to the wild network is always a learning experience. My autodidactic ass learns so much from seeing that something can be done then trying naively to do it myself. Bumping up against each and every hurdle informs the why then the how of the best in class solutions. I may not always succeed but I get a better understanding of the tools and technology landscape we exist in.

]]>https://board.circlewithadot.net/topic/b1c0d399-c89b-4127-a622-5ac383a1ba80/homelab-fun...randomly-checked-my-graylog-dashboard-for-self-hosted-webserver.RSS for NodeFri, 01 May 2026 05:44:27 GMTSun, 19 Apr 2026 03:01:03 GMT60<![CDATA[Reply to #homeLab fun...Randomly checked my #graylog dashboard for self hosted webserver. on Sun, 19 Apr 2026 11:38:31 GMT]]>@tinsuke
That endpoint gets a LetsEncrypt cert, anything with auth usually requires openId.
I've got fail2ban on one service as it came as a feature.
Been contemplating putting it in more globally.
Also, as much as possible, single responsibility services.
The proxy does proxy stuff.
The web server does static pages.
Other services are containerized and individually secured and isolated as much as possible.
GrayLog is for monitoring, doesn't itself secure anything. But does let me know what to focus on.. (when I monitor the relevant info 😁)

]]>https://board.circlewithadot.net/post/https://mstdn.ca/users/RyeNCode/statuses/116431173136102146https://board.circlewithadot.net/post/https://mstdn.ca/users/RyeNCode/statuses/116431173136102146Sun, 19 Apr 2026 11:38:31 GMT<![CDATA[Reply to #homeLab fun...Randomly checked my #graylog dashboard for self hosted webserver. on Sun, 19 Apr 2026 04:55:31 GMT]]>@RyeNCode oh, how do you secure that exposed reverse proxy? (well, besides graylog, ofc)

I have one where I just setup mTLS auth for non-local access. No log monitoring. No fail2ban or the likes... Am I asking for (too much) trouble?

]]>https://board.circlewithadot.net/post/https://mas.to/users/tinsuke/statuses/116429588500606208https://board.circlewithadot.net/post/https://mas.to/users/tinsuke/statuses/116429588500606208Sun, 19 Apr 2026 04:55:31 GMT