Lukas RotermundI just banned ~30,200 bot-scan IPs with a Forgejo honeypot. More are still coming in.
Do you have any good everyday Forgejo fail2ban filters that you can recommend?
Christoph@lukasrotermund that is an interesting thing. Could you give a roundup about your setup and the way you setup the honeypot and log and block the ip adresses?
@x3c nothing I did was smart tbh. I just had a specific repo that got DoS'ed/scanned and I changed it to private so that the requests result in a 404. Next I added a forgejo syslog filter looking for the 404 error logs for that repo and a new jail for the filter.
I wish I could give a better filter but I'm not that smart haha. I hope I'll find some good and ready to use forgejo filters at the weekend to replace my custom filter with something more reliable
@x3c and atm a lot of them are swapping over to my recidive jail