SomeBoyo@feddit.de to Selfhosted@lemmy.world · 7 months agoWhat are common practice's for hardening/securing your server?message-squaremessage-square66fedilinkarrow-up1137arrow-down12
arrow-up1135arrow-down1message-squareWhat are common practice's for hardening/securing your server?SomeBoyo@feddit.de to Selfhosted@lemmy.world · 7 months agomessage-square66fedilink
minus-squareLem453@lemmy.calinkfedilinkEnglisharrow-up10·edit-27 months agoHighly recommend getting a router that can accept wireguard connections. If the router goes down you’re not accessing anything anyways. Then always put ssh behind the wireguard connections. For a homelab, there is rarely a need to expose ssh directly so best practice will always be to have multi layered security when possible.
minus-squarePoutinetown@lemmy.calinkfedilinkEnglisharrow-up4·7 months agoYeah it’s good to have a system separate from the main server. It’s always so frustrating having to debug wireguard issues cause there’s some problem with docker
Highly recommend getting a router that can accept wireguard connections. If the router goes down you’re not accessing anything anyways.
Then always put ssh behind the wireguard connections.
For a homelab, there is rarely a need to expose ssh directly so best practice will always be to have multi layered security when possible.
Yeah it’s good to have a system separate from the main server. It’s always so frustrating having to debug wireguard issues cause there’s some problem with docker