Sidharth20,000 failed SSH logins in 2 days.
On a server hosting only a static webpage.
Recently, I was checking logs on a VM that I own. It has no backend, no database.
Just a static webpage served by NGINX.
Yet, I found 20k failed SSH login attempts.
A VM becomes a target the moment it’s online.
Fortunately, password logins were disabled. Here is my new server security routine (non-root user, SSH auth, fail2ban etc.):
https://nerdsid.com/posts/cyber-security/10-steps-to-make-a-new-linux-vm-safe/
