• 0 Posts
  • 18 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle
  • This is 100% the way to go. I spun up a new server for a public-facing site on my VPS and I wondered if I really needed fail2ban. Within ten minutes of setting it up it had already blocked four people.

    Don’t open port 22 if you can help it. Use it on your local network and VPN in if you need to use it offsite.





  • I use a reverse proxy so I can just use a hostname and not need a port. I run Jellyfin that way no problem, function-wise.

    Additionally, not having a domain won’t necessarily protect you since you do have people out there scanning for ports and when they see 8096, they’re going to immediately know it’s a Jellyfin/Emby server and any vulnerabilities associated with those. If you use a reverse proxy, they only see 443 which is…pretty much every other site on the internet. That’s security through obscurity, I know, but it will help mitigate some of the easier attacks.

    I’ll say that everything I have to have a port open for (mostly game servers) gets targeted by the internet at large despite the fact that I’ve published the address and port absolutely nowhere online and only shared it with close friends. I almost never get anyone trying to log in to my other services.


  • I have almost this exact setup (paperless-ngx on a LUKS encrypted drive, but mine is running on a VM in Proxmox) and I feel pretty good about the security. That being said, I only have it running on my home network and use a WireGuard VPN if I need to access it remotely. I can’t say I would feel as comfortable if I just had it open to the internet. Like, it’s probably ok, but then you’re relying on Paperless being your first and last line of defense.




  • Oh totally. It wasn’t a knock at the software at all. In fact. I’m surprised by how well this works as a drop-in replacement for Reddit for me and both Lemmy and Kbin are solid.

    The reason I asked was that, with my single-user Mastodon instance, likes/boosts and comments are nearly always incomplete on my server just because of the way federation works. I was just wondering if that was something smaller instances had to deal with in perpetuity or if it was just a one-off issue that happened at the start.

    The OP commented below saying that comments appeared to be loading instantaneously after that initial hiccup.








  • I opened this thread to see if anyone recommended Valheim, because what you said is exactly what my group does. We’re all dads with jobs and we play when we can, but we schedule 2-3 hour video call sessions to fight the bosses.

    When it comes to Valheim, you need the help, too. Those bosses can be brutal.