cross-posted from: https://reddthat.com/post/39309359
I’ve been running Home Assistant for three years. It’s port forwarded on default port 8123 via a reverse proxy in a dedicated VM serving it over HTTPS and is accessible over ipv4 and ipv6. All user accounts have MFA enabled.
I see a notification every time there’s a failed login attempt, but every single one is either me or someone in my house. I’ve never seen a notification for any other attempts from the internet. Not a single one.
Is this normal? Or am I missing something? I expected it to be hammered with random failed logins.
On my Synology NAS, I have it set to auto-block IPs after a few failed attempts. Some days, I’ll have like 50 of those come through at a time (all random addresses from random countries). Other weeks or months can go by without a single one.
So, I think it’s one of those “matter of time” deals, so as long as you are properly locked down, it should be viewed as normal.