I, recently, started running a Lemmy instance. I am, also, new to Linux servers.
At the advisement of some tech acquaintances, I’ve installed UnnattendedUpgrades and Fail2ban.
What would you recommend?
I, recently, started running a Lemmy instance. I am, also, new to Linux servers.
At the advisement of some tech acquaintances, I’ve installed UnnattendedUpgrades and Fail2ban.
What would you recommend?
i personally don’t recommend fail2ban: it’s a good way to lock yourself out of your own server but will probably not protect you from any attacks.
for protection unattended upgrades (like you have) and disabling SSH password auth (
PasswordAuthentication no
in /etc/ssh/sshd_config) is the best you can do.also i’ve never run a lemmy instance but make sure the database isn’t reachable from the internet, only from localhost :)
If you get locked out by your own fail2ban rules then you’ve probably forgotten your password.
Not to mentionyoull probably be able to get control back using your hosts console.
sure sure it’s just fail2ban doesn’t just apply to SSH and can get your IP banned if you typo on your password on some web service… and from there you can’t SSH into the server to fix the problem ;) ;)
Yeah if you dont configure it properly. Ive never actually know anyone get locked out by fail2ban
Oh i’m pretty good at making stupid mistakes ;)