cross-posted from: https://reddthat.com/post/39309359
I’ve been running Home Assistant for three years. It’s port forwarded on default port 8123 via a reverse proxy in a dedicated VM serving it over HTTPS and is accessible over ipv4 and ipv6. All user accounts have MFA enabled.
I see a notification every time there’s a failed login attempt, but every single one is either me or someone in my house. I’ve never seen a notification for any other attempts from the internet. Not a single one.
Is this normal? Or am I missing something? I expected it to be hammered with random failed logins.
… that you know of.
I have crowdsec running on my caddy reverse proxy for my home server and it’s logging and blocking at least 10-20 hostile IP addresses trying to do port scans/other automated script hacks every day.
“The difference between attack and defense, is that you know your attacks are failing” -someone at a CCC.