I created my first public server - an SFTP server hosted on google cloud. I was checking the auth log during the 2nd day of testing and noticed that I'm getting 4-10 hits from random people every minute!! 3700 failed requests in 16 hrs - this seems ridiculous, so I want to know if there is any way to stop them. I have almost zero experience with firewalls - I was hoping to avoid defaulting to reject everyone and only allow whitelisted IPs, but maybe I'll have to consider it.
Apr 4 13:34:05 nfp sshd[12034]: Failed password for invalid user tjkim from 134.122.9.249 port 48930 ssh2
Apr 4 13:34:13 nfp sshd[12107]: Failed password for invalid user barman from 198.58.119.132 port 39626 ssh2
Apr 4 13:34:16 nfp sshd[12119]: Failed password for invalid user rscreen from 203.205.37.233 port 33740 ssh2
Apr 4 13:34:16 nfp sshd[12121]: Failed password for invalid user oakda from 164.90.194.36 port 41566 ssh2
Apr 4 13:34:18 nfp sshd[12123]: Failed password for invalid user lia from 43.130.60.190 port 46610 ssh2
Apr 4 13:34:20 nfp sshd[12125]: Failed password for invalid user hongphong from 193.106.60.145 port 33020 ssh2
Apr 4 13:34:23 nfp sshd[12127]: Failed password for invalid user uucpsh from 157.245.101.31 port 59112 ssh2
Apr 4 13:34:27 nfp sshd[12129]: Failed password for invalid user legaltech from 43.154.249.125 port 33970 ssh2
Apr 4 13:34:51 nfp sshd[12132]: Failed password for invalid user dhamu from 164.90.198.71 port 36212 ssh2
Apr 4 13:34:57 nfp sshd[12134]: Failed password for invalid user onapp from 115.182.105.68 port 46286 ssh2
Any guidance for a newbie?