this topics have been discussed often already please use the search
It is very common to see attacks on services exposed to the internet. there are lot of bots, script kiddies and other checking if they can access remote system and find something of interest… answers are always the same
- keep your system updated
- use MFA
- monitor system activity and block suspicious activities
Update: take a lok at this wiki to adopt most common security measures: How to maintain, check and improve the security of your Nextcloud installation?