ok, so i put my server on the internet to make sure everything was up to snuff, and somebody has already tried to hack it. i blacklisted their IP addresses though, though they probably have a dynamic IP anyway.
so far, they haven't cracked the firewall. but it is a good test of the security i have setup.
Suricata IDS/IPS running with up to date rules, as well as shorewall (shoreline firewall). plus my router has a firewall, and to my knowledge, only port 80 is open to the public. so, shall i post the blacklist for "public shaming"?
@travis_farmer, it was spam.