I have a question regarding security. I’m on Hassio (HassOS on RPi 3B+) with nginx Add-On installed. I sometimes see that there were failed login attempts from 172.30.33.2, which should be the nginx docker container.
I now adjusted my configuration to this:
base_url: https://xxx.xxx.xxx
trusted_proxies: 172.30.32.0/23
use_x_forwarded_for: true
ip_ban_enabled: true
login_attempts_threshold: 3
Now I see some IPv6 addresses from time to time which have failed login attempts. Seems for me, that now the real origin addresses are logged. Is there any security hole I opened now or is this configuration I did save to use?