I'm a bit concerned about the security of my page after setting up features for sending forgot password emails. While checking the exim4 maillog, I came across some suspicious activity. Is someone trying to access my email, or am I just being paranoid? Here's a link to the log: [Image Link](https://i.imgur.com/lQWsuDI.png)
3 Answers
It's normal for public-facing services to receive numerous brute force attempts. Make sure you have strong security measures in place to mitigate these threats. Doing a bit of research on best practices for your setup would go a long way!
Since your page is online, it's definitely possible that someone is attempting to gain access for various malicious purposes like spamming or stealing data. You should take it seriously!
I recommend setting up fail2ban right away. It helps cut down on log noise caused by repeated login attempts. Also, consider geoblocking connections from areas like China or Russia where you wouldn't expect traffic.
Thanks for the advice! I’ll definitely look into setting up fail2ban and beefing up my security measures.