Hi
I finally succeeded in deploying a private nextcloud serveur
When listening requests on 443 port, i have lots of requests by amazonaws compute
I’m wondering about such requests, and how to have ufw firewall to filter them using domain name
You can check your logs what they are looking for, if it is just some random scanning. If you want to block dynamically, you can take a look at fail2ban.
the script kiddies and the bad guys running there scripts and scanner at aws resources.
instead of doing load testing you could use the bees to scan hosts…
carsten described in his how to who to setup fail2ban.
but. if the scanner are a little bit intelligent they just test one vulnerability once. so fail2ban wouldn’t detect them. at the end you have to keep your system uptodate and trust the nextcloud guys not to deliver to many bugs…