h3x

joined 1 year ago
[–] h3x@kbin.social 2 points 1 year ago

Pretty unique. I think they are the best berries there is.

 

Now that Lemmy was hacked pretty badly, I started thinking how much kbin is tested for possible vulnerabilities?

What’s your stance on the idea of volunteering white hats testing the app in bug bounty style and reporting found vulnerabilities before some bad actor does? @ernest

I think there’s plenty of professionals here who would do this pro-bono.

[–] h3x@kbin.social 45 points 1 year ago* (last edited 1 year ago)

A pentester here. Those bad looking requests are mostly random fuzzing by bots and sometimes from benign vulnerability scanners like Censys. If you keep your applications up date and credentials strong, there shouldn’t be much to worry about. Of course, you should review the risks and possible vulns of every web application and other services well before putting them up in the public. Search for general server hardening tips online if you’re unsure about your configuration hygiene.

An another question is, do you need to expose your services to the public? If they are purely private or for a small group of people, I’d recommend putting them behind a VPN. Wireguard is probably the easiest one to set up and so transparent you wouldn’t likely even notice it’s there while using it.

But if you really want to get rid of just those annoying requests, there’s really good tips already posted here.

Edit. Typos

[–] h3x@kbin.social 2 points 1 year ago

Finland’s no Baltic nation FYI.