Hi guys!
Back in the day I used to have a VM holding nginx and all the crap exposed…and I did set it up with fail2ban. I moved away from it, as the OS upgrade was turning messy, and rebuilt onto an LXC container. How should I use fail2ban/iptables in order to protect/harden my LXC container/server? Do the same conditions apply, or will I have any limitations/issues due to the container itself?
Thanks!
Thanks, I appreciate your reply… I have a bit of concern about an unprivileged container having firewall limitations (as I might have read in the past this was…finicky), but I’m going to give it a shot.
I’m exclusively running unprivileged LXC containers and haven’t had any issues regarding the firewall, neither with iptables nor nftables.
I’ve also been running nginx in an unprivileged LXC container. I haven’t used fail2ban, specifically, but crowdsec has been working without issue.
You can mostly just treat an LXC like a normal VM.