First of all, when running the security scan, I get a HUGE list of weaknesses from low to high.
It will take ages to solve all of them. I already enabled the mod security…
After testing it with different software I found even more vulnerabilities.
Since it will take ages to read about how to solve all that and apply it, I want to restrict access to only some ip addresses. My local ones and some public ones. Now my nextcloud and whole server can be hacked in no-time. So blocking access seems the best solution for now.
So the question is: where and how can I set rules to allow only trusted ip’s for nextcloud or the server in general?