swifteh@lemmy.mltoMovies and TV Shows@lemmy.film•[Discussion] What is your go-to movie that you will never turn down?English
11·
1 year agoHackers. It’s so bad but I love it
Hackers. It’s so bad but I love it
Any service I have that is public facing is proxied through Cloudflare. I run a firewall on the host that only allows traffic from Cloudflare IPs. Those IPs are updated via a cron job that calls this script: https://github.com/Paul-Reed/cloudflare-ufw I also have a rule set up in Cloudflare that blocks traffic from other countries.
For WAF, I use modsecurity with nginx. It can be a little time consuming to set up and weed out false positives, but it works really well when you get it configured properly.
Some of my applications are set up with Cloudflare Access. I use this with Azure AD free tier and SAML, but it could be set up with self hosted solutions like authentik.
It’s a quote from the book 1984 by George Orwell