#Keeping Secure

Hi.

I have my configuration.yaml http section set up as follows

http:
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem
  ip_ban_enabled: true
  login_attempts_threshold: 5

but i'm getting logs that say concerning things like below - with 20 or more occurrences. Is there any way i can prevent this miscreant from having infinite shots at my security (other than the obvious option of not opening myself up to the internet in the first place)

Thanks

Logger: homeassistant.components.http.security_filter
Source: components/http/security_filter.py:81
integration: HTTP (documentation, issues)
First occurred: 15 November 2024 at 21:22:08 (20 occurrences)
Last logged: 23:14:17

Filtered a request with a potential harmful query string: /index.php?lang=../../../../../../../../usr/local/lib/php/pearcmd&+config-create+/&/<?echo(md5("hi"));?>+/tmp/index1.php
Filtered a request with a potential harmful query string: /index.php?lang=../../../../../../../../tmp/index1

Easy answer - fail2ban and a reverse proxy

welp since i'm seeing action here i'll go ahead and ask; what would be a good solution for managing self signed certs using linux and not exposing to outside world?

Got any instructions on this? I thought that adding the failure count to ipban line to config. Yaml was functionality equivalent to fail2ban but apparently not if there are 20+ attempts.

The forum should have this covered

Keep in mind that the official apps will be a pain in the ass to get working with self signed certs

You're probably better off using a legit wildcard cert for *.internal.example.com, where your domain is example.com and you run your network on internal.example.com

is that secure?

i just don't want my boxes turning on me

I would however strongly recommend that you don't hijack somebody else's question but start your own 😉

yeah

Sure