For this project, I deployed Nextcloud behind Nginx and built a Python daemon that performs real-time anomaly detection on incoming HTTP traffic. The key requirement was to avoid static assumptions and instead learn “normal” traffic behavior continuously. Stack and deployment model VPS: Linux (2 vCPU / 2 GB RAM minimum) Nextcloud container (provided image) Nginx reverse proxy Python detector daemon Slack Incoming Webhooks iptables for active mitigation Live dashboard (Flask) Nginx writes JSON access logs to /var/log/nginx/hng-access.log, stored in a named Docker volume HNG-nginx-logs shared read-only with detector. Structured logging Nginx access logs include at minimum: source_ip timestamp method path status response_size This simplifies parsing and keeps the detector robust under load.…