ocean@lemmy.selfhostcat.com to Selfhosted@lemmy.worldEnglish · 2 days agoWhat steps do you take to secure your server and your selfhosted services?message-squaremessage-square42fedilinkarrow-up10arrow-down10file-text
arrow-up10arrow-down1message-squareWhat steps do you take to secure your server and your selfhosted services?ocean@lemmy.selfhostcat.com to Selfhosted@lemmy.worldEnglish · 2 days agomessage-square42fedilinkfile-text
Inspired by this comment to try to learn what I’m missing. Cloudflare proxy Reverse Proxy Fail2ban Docker containers on their own networks
minus-squarehperrin@lemmy.calinkfedilinkEnglisharrow-up0·1 day agoOne thing I do is instead of having an open SSH port, I have an OpenVPN server that I’ll connect to, then SSH to the host from within the network. Then, if someone hacks into the network, they still won’t have SSH access.
minus-squareChewy@discuss.tchncs.delinkfedilinkEnglisharrow-up0·edit-223 hours agoI do the same, but with Wireguard instead of OpenVPN. The performance is much better in my experience and it sucks less battery life.
One thing I do is instead of having an open SSH port, I have an OpenVPN server that I’ll connect to, then SSH to the host from within the network. Then, if someone hacks into the network, they still won’t have SSH access.
I do the same, but with Wireguard instead of OpenVPN. The performance is much better in my experience and it sucks less battery life.