Hey all! For the longest time I’ve had a server that hosts some things (eg Syncthing), but is only available via SSH tunneling.

I’ve been thinking of self-hosting more things like Nextcloud and Vaultwarden. I can keep my SSH tunneling setup but it might make it difficult to do SSL.

How do you manage the security of having public-facing servers?

  • albsen@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Yes you should be worried. Dont expose services you’re not able to keep up to date and know how to manage and secure. Using tailscale is a great alternative as it allows you to have access without exposing anything to the internet, I’d prefer that. For everything else, subscribe to a CVE service for those (I use nextcloud and matrix and follow all security findings) and be ready to take them offline as soon as a critical exploit appears. Dont expose your passwords directly to the internet - ever; no matter if anyone else tells you its OK.