Shodan VS ConfigServer Firewall

Transform OSINT sources such as shodan, bgpview & urlscan into templates which you can use to query & store any and each of the API endpoints they provide. Source: 10 months ago

I'm a little surprised you're asking this but as you don't know - if you set the rulebase correctly, you won't get hammered by "public". A lot of people (of course not people here) don't do that which is why shodan.io is full of servers with SSH exposed to the world. Source: 11 months ago

Eh, request a full demo before signing anything. If they make you buy before you can try, move on. Just be advised that data they collect from your site may be used in a database that puts a target on your back. Similar to how shodan.io works. I would probe them on how they handle customer data and if data is shared, partitioned, or isolated to ensure safety from a platform leak. They want to be a security... Source: 11 months ago

My network is being hit by China and Russia many times per hour. Make sure your firewall is up-to-date and not have any services available on the Internet (WAN). Look at shodan.io which shows you _everything_ is searched on the Internet. Source: 11 months ago

In the cases of nginx or apache, I suspect they may be acting as proxies to some backend that also chooses not to send a reason phrase back. Searching for "Reason Phrase" yields a number of bug reports/frameworks that may omit it, and shodan.io shows apache tomcat and a few other services/software that omit the code as well. Source: 12 months ago

In this post we will discuss how to use efficiently IPSET with CSF (ConfigServer Security & Firewall) Firewall. Unfortunately, I will not discuss what CSF is because it's not within the scope, but you can read about it here. - Source: dev.to / 3 months ago

At the very least, the free ConfigServer CSF is a more robust firewall addon that blocks brute force attempts, mod security failures, and so on. It's relatively easy to install, has a ton of options, and it's easy to whitelist IPs if your users have trouble. The same dev has a virus & malware scanner that's available as a one-time purchase. Source: about 1 year ago

Use CSF (linux only) to cut down some basic attacks https://configserver.com/configserver-security-and-firewall/. Source: over 1 year ago

Seems like a GUI wrapper (other than the graphs) so may not solve the OPs issue of things like Docker complicating the firewall. Source: over 1 year ago

You should not have ANY ports on the home network open to the outside. NONE. If you insist on running a public-facing service at home, use a VPS with an ARGO tunnel. No SQL ports should be open to anywhere, not even on a private net. Use SSH tunnels to access if needed. As long as everything is closed to the outside, a consumer-grade firewall, along with every node on the home network protected by Configserver... Source: over 2 years ago