cross-posted from: https://reddthat.com/post/39309359
I’ve been running Home Assistant for three years. It’s port forwarded on default port 8123 via a reverse proxy in a dedicated VM serving it over HTTPS and is accessible over ipv4 and ipv6. All user accounts have MFA enabled.
I see a notification every time there’s a failed login attempt, but every single one is either me or someone in my house. I’ve never seen a notification for any other attempts from the internet. Not a single one.
Is this normal? Or am I missing something? I expected it to be hammered with random failed logins.
Probably simply not a lucrative target for automated scanning/attacks, unlike e.g. ssh.
Edit: or WordPress. My logs are full of those, until Crowdsec hits.