Hello peoples,
I am looking for tips on how to make my self-hosted setup as safe as possible.
Some background: I started self-hosting some services about a year ago, using an old lenovo thin client. It’s plenty powerful for what I’m asking it to do, and it’s not too loud. Hardware wise I am not expecting to change things up any time soon.
I am not expecting anyone to take the time to baby me through the process, I will be more than happy with some links to good articles and the like. My main problem is that there’s so much information out there, I just don’t know where to start or what to trust.
Anyways, thank you for reading.
N
You make a great point. I really shouldn’t contribute to the boogeyman-ification of port forwarding.
I certainly agree there is nothing inherently wrong or dangerous with port forwarding in and of itself. It’s like saying a hammer is bad. Not true in the slightest! A newbie swinging it around like there’s no tomorrow might smack their fingers a few times, but that’s no fault of hammer :)
Port forwarding is a tool, and is great/necessary for many jobs. For my use case I love that Wireguard offers a great alternative that: completes my goal, forces the use of keys, and makes it easy to do so.
Glad you didn’t take my comment as being “aggressive” since it certainly wasn’t meant to be. :-)
Wireguard is a game-changer to me. Any other VPN I’ve tried to setup makes the user make too many decisions that require a fair amount of knowledge. Just by making good decisions on your behalf and simplifying the configuration they’ve done a great job of helping to secure the internet. An often overlooked piece of security is that “making it easier to do something the right way is good for security.”
Right!! Just like anything there’s a trade-off.
Glad you phrased the well-intentioned (and fair) critique in a kind way! I love it when there’s good discourse around these topics