KG_NV

I just saw in the new version of the container that updated while I was back at the day job that there is a settings open to change the default site. Well done, thanks! My next question would be which is the best option for deterring bad guys? 404, 444, or maybe redirect? Or do they all say enough to the prying eyes that the server is responding to reqeuests so they keep at it? Also, is fail2ban implementation forthcoming? That would help solve the problem.

I can add 404 hosts, have have add the IP address as one as a temporary bandaid, but that works until my dynamic IP changes. Then I have to know that and manually change the 404 host. Ideally, anything other than requests from mysubdomain.mydomain.com would just gets dropped. Even with 404 I see foreign bad guys trying to run exploits in the dead-hosts log.

Subdomains are setup as C-names on the domain manager that point to a duckdns DDNS which ultimately points to my WAN IP. Everything is resolving fine. I just need to shut down all other connections.

I am using Nginx Proxy Manager to serve remote access for a Home Assistant installation. I want Nginx to drop any connections that don't come from mysubdomain.mydomain.com. I would also like to use GeoIP to block foreign IP from troublemaker countries. I have tried numerous ways to add the catch-all for any hosts/IP's other than mysubdomain.mydomain.com, but it is reading default_server from inside the docker container and when I try to add one in the custom config for my proxy host I get an error that there is a duplicate. It is my understanding that any custom config should be in /appdata, not in the docker container so that the config persists after an update. Because NPM is relatively new i've not had much luck in how to accomplish this within my config in /appdata.