Hey all! For the longest time I’ve had a server that hosts some things (eg Syncthing), but is only available via SSH tunneling.
I’ve been thinking of self-hosting more things like Nextcloud and Vaultwarden. I can keep my SSH tunneling setup but it might make it difficult to do SSL.
How do you manage the security of having public-facing servers?
Password protect your services, set up your web server correctly, use cloudflare for some extra security against stuff like DDoS/DoS attacks. Also less is more, do not expose what you don’t need to expose.
There is always inherent risk with opening up your stuff to the world wide web.
Some stuff you can’t even secure yourself; some services just have bad security practices. The only way to fix them would be to wait for an update or submit a pull request.