Server Guides: Difference between revisions

(2 intermediate revisions by the same user not shown)

Line 4:

* [[matrix-server-guide|Matrix Server Guide]]

* ~~[[ssh-keys|Create SSH Keys]]~~

** Maubot Chatbot Guides

* SimpleX Server

* [[Service%20-%20storage%20-%20Nextcloud|Service - Storage - Nextcloud]]

* [[Authentik%20Installation|Authentik Installation]]

* [[setting%20up%20cryptpad%20server|Setting Up Cryptpad Server]]

* Proxmox

* Clapper

* [[Linux Server Initial Setup]]

* [[Linux Server Storage]]

== Best Practices to Secure Servers in 2024 ==

Line 20:

Line 24:

* '''No Root Login''': Disable root login to enhance security.

* '''SSH Keys with Password''': Use SSH keys with a passphrase and disable password login.

* '''[[SSH Keys]] with Password''': Use SSH keys with a passphrase and disable password login.

* '''VPN Access''': ~~Require~~ VPN access to reach the SSH server.

* '''VPN Access''': VPN access is required to reach the SSH server.

* '''Firmware and Auto Updates''': Enable automatic updates for both firmware and software.

* '''Firewall''': Configure a firewall to control incoming and outgoing traffic.

Line 34:

Line 38:

* '''Data Encryption''': Encrypt all data communication.

** Use ''scp'', ''ssh'', ''rsync'', or ''sftp'' for file transfer.

** Use ''scp'', ''ssh'', ''rsync'', rclone or ''sftp'' for file transfer.

** Consider ~~VPNs like OpenVPN~~ or ~~tinc for secure connections~~.

** Consider reverse proxy (tail scale, Cloudflare) or wireguard.

* '''Service Management''':

** Avoid using insecure services like FTP, Telnet, and Rsh.

Line 41:

Line 45:

* '''Kernel and Software Updates''':

** Apply all security patches promptly.

** ~~Consider using tools like ''apticron'' for Debian-based systems.~~

*** Use an Ansible Script to patch multiple servers periodically including OS, docker, git, etc

* '''Linux Security Extensions''':

** Enable SELinux or other security extensions to enforce limitations on applications.

@@ Line 4: / Line 4: @@
 * [[matrix-server-guide|Matrix Server Guide]]
-* [[ssh-keys|Create SSH Keys]]
+** Maubot Chatbot Guides
+* SimpleX Server
 * [[Service%20-%20storage%20-%20Nextcloud|Service - Storage - Nextcloud]]
 * [[Authentik%20Installation|Authentik Installation]]
 * [[setting%20up%20cryptpad%20server|Setting Up Cryptpad Server]]
 * Proxmox
+* Clapper
+* [[Linux Server Initial Setup]]
+* [[Linux Server Storage]]
 == Best Practices to Secure Servers in 2024 ==
@@ Line 20: / Line 24: @@
 * '''No Root Login''': Disable root login to enhance security.
-* '''SSH Keys with Password''': Use SSH keys with a passphrase and disable password login.
+* '''[[SSH Keys]] with Password''': Use SSH keys with a passphrase and disable password login.
-* '''VPN Access''': Require VPN access to reach the SSH server.
+* '''VPN Access''': VPN access is required to reach the SSH server.
 * '''Firmware and Auto Updates''': Enable automatic updates for both firmware and software.
 * '''Firewall''': Configure a firewall to control incoming and outgoing traffic.
@@ Line 34: / Line 38: @@
 * '''Data Encryption''': Encrypt all data communication.
-** Use ''scp'', ''ssh'', ''rsync'', or ''sftp'' for file transfer.
+** Use ''scp'', ''ssh'', ''rsync'', rclone or ''sftp'' for file transfer.
-** Consider VPNs like OpenVPN or tinc for secure connections.
+** Consider reverse proxy (tail scale, Cloudflare) or wireguard.
 * '''Service Management''':
 ** Avoid using insecure services like FTP, Telnet, and Rsh.
@@ Line 41: / Line 45: @@
 * '''Kernel and Software Updates''':
 ** Apply all security patches promptly.
-** Consider using tools like ''apticron'' for Debian-based systems.
+*** Use an Ansible Script to patch multiple servers periodically including OS, docker, git, etc
 * '''Linux Security Extensions''':
 ** Enable SELinux or other security extensions to enforce limitations on applications.