Hello peoples,

I am looking for tips on how to make my self-hosted setup as safe as possible.

Some background: I started self-hosting some services about a year ago, using an old lenovo thin client. It’s plenty powerful for what I’m asking it to do, and it’s not too loud. Hardware wise I am not expecting to change things up any time soon.

I am not expecting anyone to take the time to baby me through the process, I will be more than happy with some links to good articles and the like. My main problem is that there’s so much information out there, I just don’t know where to start or what to trust.

Anyways, thank you for reading.

N

  • Matej@matejc.comEnglish
    42·
    8 months ago

    Software:

    • firewall, no inbound and do outbound restrictions
    • use immutable OS
    • full disk encryption (keep in mind that in many setups you will need to be beside the computer after restart)

    Hardware:

    • put it in the trusted datacenter (home stuff is not safe from teenagers and people that need computer’s electrical socket for a vacuum cleaner)
      • Guenther_Amanita@feddit.deEnglish
        1·
        8 months ago

        Dude… It’s the hundredth time you’ve posted this copypasta.
        Image-based OSs aren’t locked down and also don’t depend on proprietary services.

        You can just read my post I made about immutable systems, maybe we can discuss it there.

        But, I wouldn’t choose a image based OS right now too for servers. At least yet.
        I’m just afraid about compatibility, because many installers and services might rely on access to the root file system for now. Debian is right now the best choice as server OS, but that might change in the future.