• 0 Posts
  • 5 Comments
Joined 3 years ago
cake
Cake day: August 19th, 2023

help-circle
  • Mio@feddit.nutoSelfhosted@lemmy.worldThoughts on crowdsec
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    17 hours ago

    Yes, that is the hard part. But it can be done. Geoip blocking like only allow your country - blocking every China or Russian user etc. If you are selfhosting at home and worry about your SSH access, then you can do a lot of things to block then early. It is all about authentication. Lets say you require VPN access in - example Wireguard. You could require access only through somebody else, like Cloud flare tunnel. You could also do “port knocking” but that is not encrypted. You could require the user first has to be authenticated somewhere else, like require first Microsoft login and only then your ip is allowed.




  • It is about reasonable defaults. Why would anyone want to stop their presentation for Windows update reboot? It should be much more friendly how it handles this. Like always check what the user is doing and when is a reasonable time to do it? Maybe at the end of the day.

    Personally, I think they need to work on the whole concept. Make it as transparent as possible or less likely need a full reboot - containers or put more things in like wsl? Make the reboot only do reboot and not 20min installing updates… The user cant even chat on teams or browse the web while waiting. Think if it worked like like live cd that Linux can do.