zlacker

[return to "I got hacked: My Hetzner server started mining Monero"]
1. j45+z6[view] [source] 2025-12-17 21:47:02
>>jakels+(OP)
Never expose your server IP directly to the internet, vps or baremetal.
◧◩
2. cortes+Hl[view] [source] 2025-12-17 23:14:33
>>j45+z6
Any server? How do you run a public website? Even if you put it behind a load balancer, the load balancer is still a “server exposed to the internet”
◧◩◪
3. j45+QD[view] [source] 2025-12-18 01:50:33
>>cortes+Hl
Public facing services routed through a firewall or waf (cloudflare) always.

Backend access trivial with Tailscale, etc.

Public IP never needs to be used. You can just leave it an internal IP if you really want.

◧◩◪◨
4. cortes+lE[view] [source] 2025-12-18 01:54:12
>>j45+QD
A firewall is a server, too, though.
[go to top]