gerowen, Had an interesting notification from #Fail2Ban yesterday. Instead of Nextcloud, this one came from the "apache-auth" jail, which protects a pseudo-hidden/password protected service that has links intended for my family.
Anyway, somebody at the "Children's Hospital Colorado" found it, probably via port scan. Instead of failing auth, they got booted for trying to escape the web root to look at files like "/etc/passwd" and "/winnt/win.ini". I notified their IT dept.
Add comment