Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Securing servers - Page 3
New on LowEndTalk? Please Register and read our Community Rules.

Securing servers



  • FatGrizzlyFatGrizzly Member, Host Rep

    @vitobotta said:
    I just stopped exposing SSH to the Internet, and am now using a Cloudflare tunnel to SSH into the servers, still with OTP codes required. This was super easy to configure.

    I can confirm CF ZT is very cool. I expose no ports, everything goes via a cloudflare tunnel.

    You can use multiple authentication systems with CF ZT. Pog stuff.

  • One more change I have just made regarding Cloudflare: I have restricted all traffic to ports 80 and 443 so that only requests coming from Cloudflare come through. This should cut the noise quite a bit.

  • @vitobotta said:

    Is the fix possible to use with wireguard installed by Nyr's script or can they mess firewall when used together?

    Isn't there any fix in the Docker itself?

    Thanks for sharing your setups! I have a lot to learn.

  • trycatchthistrycatchthis Member
    edited January 30

    I white list the IP addresses allowed to SSH into the server.

    I use ipset and deny all ip addresses then allow a couple of dynamic ip addresses and other trusted ip addresses to ssh.

    Also setup login notifications.

    I cant imagine doing all of that just to login to a server.

  • Most secure ways is to unplug the internet connection to server 🥱

Sign In or Register to comment.