Hi
I recently registered a new domain name and made a Cloudflare tunnel using the add-on CLOUDFLARED. Everything works great, but the thing is that I now get 4 notifications daily that someone tried to log in to HA.
I never had this before when using DuckDNS + Let's Encrypt.
Is it because the domain name is visible to the public? Would it help to create a subdomain for the tunnel? Thanks for any suggestions.
Your internet is like your phone.
You cannot prevent people from calling your number.
You can only have a number and that will limit the calls a bit, but a domain name is like a listing in the yellow pages, where your name and number will be linked together.
You can only really control your access gateway and relying on HA as the first check might be a bit optimistic.
I would recommend a VPN gateway as the first one and then HA after that.
I had a similar issue. These attempts all came from foreign countries, so I simply allowed login access from my country. You can also block specific countries/continents. The blocking rules are very flexible and easy to configure. In Cloudflare, select your domain name > Security tab on the left-hand side > WAF from the dropdown > Create (or edit) blocking/permission rules. This can be configured for country, continent, etc.
Now I am investigating how to configure blocking based on the amount of false login attempts. Probably at the same location, but in the "rate limiting rules" tab.