16 Apr 2021 |
| redpanda left the room. | 13:02:16 |
FritzJ | Does anyone here run a full SSD server? My server room is subject to a lot of vibrations so i want to avoid HDDs
Should i go with TLC SSDs, or are QLC also fine for servers? | 13:49:28 |
mntr0 (janny for jesus) | In reply to @fritzj:matrix.org Does anyone here run a full SSD server? My server room is subject to a lot of vibrations so i want to avoid HDDs
Should i go with TLC SSDs, or are QLC also fine for servers? Depends on behavior. If you write often or if you read often etc. | 17:43:32 |
mntr0 (janny for jesus) | Maybe you should get a big cheap array and a small fast array and manage your data. | 17:44:01 |
| nicefellow77 set a profile picture. | 21:26:14 |
| ex0dus joined the room. | 22:34:40 |
ex0dus | anyone using seafile and fail2ban? | 22:35:19 |
| devnope joined the room. | 23:54:47 |
17 Apr 2021 |
fiveseven | I don't think most people should use fail2ban if you're trying to avoid distributed attacks because it can easily become a DoS generator in itself by adding so many rules | 00:35:08 |
fiveseven | that the kernel gets overloaded and your bandwidth is severely reduced | 00:35:28 |
fiveseven | or completely blocked | 00:35:36 |
ex0dus | so let people have unlimited password attempts? | 00:39:31 |
fiveseven | no | 00:48:40 |
fiveseven | use a better solution | 00:48:42 |
fiveseven | i.e. don't expose the port to everyone | 00:48:49 |
fiveseven | either limit it to known safe hosts, or use something like a port knocker | 00:48:59 |
fiveseven | (however, unlimited password attempts may actually be less CPU intensive than adding fail2ban rules... plus you can limit or slow down the number of attempts in various ways) | 00:49:46 |
fiveseven | * (however, unlimited password attempts may actually be less CPU intensive than adding fail2ban rules... plus you can limit the number of attempts in various ways) | 00:49:57 |
fiveseven | * (however, unlimited password attempts may actually be less CPU intensive than adding fail2ban rules... plus you can limit or slow down the number of attempts in various ways) | 00:50:18 |
ex0dus | okay well my issue was seahub.log only has warnings and higher (not info) so fail2ban can't see the invalid attempts | 01:25:34 |
ex0dus | never mind i thought it would show up as info, it's warning and working as expected | 02:13:03 |
stelthpanther | ex0dus I'm not going to try and play an expert, I've been putting off getting fail2ban setup for jellyfin & home assistant, but it is regex based on the logs. They do have a wiki that has a lot of examples for different setups. | 02:20:11 |
stelthpanther | ex0dus I did also catch this, https://manual.seafile.com/security/fail2ban/ | 02:22:23 |
stelthpanther | ex0dus this may help, too. https://github.com/fail2ban/fail2ban/wiki/Proper-fail2ban-configuration | 02:27:09 |
ex0dus | thanks, i figured it out tho, i thought seahub wasnt generating logs | 02:27:45 |
stelthpanther | In reply to @ex0dus:matrix.org thanks, i figured it out tho, i thought seahub wasnt generating logs Your web server should be housing those logs. | 02:33:44 |
stelthpanther | But that is good. 😁 | 02:34:09 |
| cinnamon_twist joined the room. | 02:52:27 |
| @kev.riot:matrix.org joined the room. | 03:46:00 |
| @kev.riot:matrix.org left the room. | 07:12:27 |