@vitobotta said:
I just stopped exposing SSH to the Internet, and am now using a Cloudflare tunnel to SSH into the servers, still with OTP codes required. This was super easy to configure.
I can confirm CF ZT is very cool. I expose no ports, everything goes via a cloudflare tunnel.
You can use multiple authentication systems with CF ZT. Pog stuff.
One more change I have just made regarding Cloudflare: I have restricted all traffic to ports 80 and 443 so that only requests coming from Cloudflare come through. This should cut the noise quite a bit.
Comments
Is the fix possible to use with WireGuard installed by Nyr's script, or can they mess with the firewall when used together?
Isn't there any fix in Docker itself?
Thanks for sharing your setups! I have a lot to learn.
I whitelist the IP addresses allowed to SSH into the server.
I use ipset and deny all IP addresses, then allow a couple of dynamic IP addresses and other trusted IP addresses to SSH. Also set up login notifications.
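Both setups described above, the earlier comment restricting ports 80/443 to Cloudflare and this one allowlisting SSH sources with ipset, come down to the same small ipset + iptables rule set. The script below is an added example, not code posted by anyone in this thread. The CIDRs in it are constructed documentation ranges so it runs offline, and the set names cf_ranges and ssh_trusted are assumptions; in a real deployment the Cloudflare set is filled from https://www.cloudflare.com/ips-v4 (and ips-v6 for an inet6 set).

```shell
#!/bin/sh
# Added example for this thread, not code posted by any commenter:
# an allowlist firewall with ipset + iptables. Ports 80/443 accept only
# Cloudflare's published ranges; port 22 accepts only a short list of
# trusted IPs. Everything else to those ports is dropped.
# With APPLY=1 the commands are executed (needs root); otherwise printed.

APPLY="${APPLY:-0}"

# Real deployment: populate this from https://www.cloudflare.com/ips-v4
# The CIDRs here are a CONSTRUCTED sample (documentation ranges) so the
# script runs offline.
CF_RANGES="198.51.100.0/24
203.0.113.0/24"

# Constructed sample; replace with your own static/dynamic addresses.
SSH_TRUSTED="192.0.2.10
192.0.2.64/28"

# set_rules NAME "CIDR-per-line": print the ipset commands that (re)build
# a hash:net set: create if missing, flush, re-add. Safe to re-run from
# cron when the Cloudflare list or a dynamic IP changes.
set_rules() {
  name=$1
  printf 'ipset create %s hash:net -exist\n' "$name"
  printf 'ipset flush %s\n' "$name"
  printf '%s\n' "$2" | while IFS= read -r cidr; do
    if [ -n "$cidr" ]; then
      printf 'ipset add %s %s -exist\n' "$name" "$cidr"
    fi
  done
}

# firewall_rules: print the iptables rules. Order matters: loopback and
# established flows first, then the allowlisted ports, then the drops.
firewall_rules() {
  cat <<'EOF'
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -m multiport --dports 80,443 -m set --match-set cf_ranges src -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -m set --match-set ssh_trusted src -j ACCEPT
iptables -A INPUT -p tcp -m multiport --dports 22,80,443 -j DROP
EOF
}

# all_rules: the sets must exist before the rules that reference them.
all_rules() {
  set_rules cf_ranges "$CF_RANGES"
  set_rules ssh_trusted "$SSH_TRUSTED"
  firewall_rules
}

if [ "$APPLY" = "1" ]; then
  all_rules | sh -e    # run for real (root, iptables and ipset required)
else
  all_rules            # dry run: show what would be executed
fi
```

Two caveats when using this for real: `-A` appends, so re-running the firewall part duplicates rules (flush a dedicated chain first, or keep the firewall rules in a persistent ruleset and only refresh the ipsets from cron), and IPv6 needs a separate `family inet6` set and `ip6tables` rules or the hosts stay reachable over v6. Once only Cloudflare can reach the origin, the source address seen by the web server and by tools like fail2ban is Cloudflare's, so client IPs have to be read from the CF-Connecting-IP header instead.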
I can't imagine doing all of that just to log in to a server.
The most secure way is to unplug the internet connection to the server 🥱
I follow this guide:
https://github.com/imthenachoman/How-To-Secure-A-Linux-Server