
I analyzed 250,000 attacks on my Linux servers. Here's what I found.
I set up real-time monitoring on 14 production Linux servers: a mix of VPS, bare metal, and Docker hosts across DigitalOcean, OVH, Hetzner, and a couple of on-prem boxes. One server hosts 64 domains. Another runs a single Laravel app. They range from 1 vCPU to 8 vCPU and run Ubuntu, Debian, CentOS 7, and AlmaLinux.

I wanted to answer a simple question: what's actually hitting my servers? I let it run for 35 days. The answer was worse than I expected.

The numbers

| Metric | Value |
| --- | --- |
| Total security events | 254,177 |
| Attacks per day (average) | 8,400 |
| Unique attacking IPs | 23,831 |
| IPs banned automatically | 50,919 |
| Repeat offenders (banned 2+ times) | 9,827 |
| Permanently banned (4+ offenses) | 1,871 |
| Worst single IP | Banned 14 times before permanent block |

That's 8,400 attacks per day. Across 14 servers. Every single day.

What's attacking you (and what they want)

I'm going to skip the bot crawler noise and focus on what matters: attacks that can actually compromise your server.

SSH brute force — 20,960 events

The most pe
Continue reading on Dev.to




