When I set up a new Hetzner VPS first thing I do install Tailscale and once I'm in via Tailscale lock down the firewall to only accept web traffic on HTTPS 443 for Cloudflare IPs and SSH 22 for Tailscale IP
That way nobody can get in
I know I keep repeating this but it should be basics of setting up a new VPS
So basic IMHO it should be part of any VPS service to default install Tailscale and enable it so it's the only way to get in
Why?
A VPS server is just like your laptop or destop computer but now imagine if it's connected to the entire internet with 8 billion people that can access it and try hack it
You want to only have it accessible to you
And if you want to host a website on your VPS (like I do), you should only let Cloudflare access your VPS so it can stand in front and block any hack attempts
Never expose a VPS to the world wide web which realistically is the world WILD web
Areeb ur Rub@areeburrub@levelsio @nfcodes I created a redis instance on hetzner with public port open for few minutes and someone was running a cryptominer the next moment taking 50% CPU 💀 After that I always use @Tailscale 👌