• Gresham's Law
    link
    fedilink
    arrow-up
    10
    arrow-down
    4
    ·
    edit-2
    1 年前

    Please use an ethernet cable, you gonna need to keep that connection spotless and WiFi are vulnerable no matter which protocols, better turn it off.

    If I may also add a secure systems (Harden its configuration), a custom firmware on your router(Rec. Tomato series most updated)/hardware firewall(Rec. pfSense) with a VPS if the network is used for other means, they will help you in the long-term.

    It should go without saying if you can’t secure a server, don’t host one. You’re responsible for anything that happens to it & us.


    Gpt-4 Prompt using Forefront.ai (Worth taking a note):

    Q: Recommendations on the levels of security that need to be taken into account for self-hosting a decentralised community
    A: Self-hosting a decentralized community involves a number of security considerations. Here are some recommendations:

    1. Secure Server Configuration: Ensure that your server is configured securely. This includes using strong, unique passwords, disabling root login, and setting up a firewall. Also, consider using a security-focused operating system like SELinux or HardenedBSD.

    2. Data Encryption: All data, both at rest and in transit, should be encrypted. Use protocols like HTTPS for web traffic and SFTP for file transfers. For data at rest, consider using disk encryption technologies like BitLocker or LUKS.

    3. Regular Updates and Patches: Keep your server and all software up-to-date. This includes the operating system, web server software, database software, and any other software you’re using. Regularly apply patches to fix any known vulnerabilities.

    4. Backup and Recovery: Regularly backup your data and test recovery procedures. This will help you recover quickly in case of a data loss event.

    5. Access Control: Implement strict access control measures. This includes limiting who has access to your server and what they can do. Use technologies like two-factor authentication (2FA) to add an extra layer of security.

    6. Intrusion Detection and Prevention Systems (IDS/IPS): Use IDS/IPS to monitor your network for suspicious activity and automatically block or alert you of potential threats.

    7. Secure Application Development: If you’re developing your own applications, follow secure coding practices. This includes input validation, output encoding, and proper error handling. Consider using a security framework to help with this.

    8. Privacy Protection: As a decentralized community, your users will likely value their privacy. Use technologies like Tor or VPNs to help protect user privacy. Also, have a clear privacy policy and follow it.

    9. Auditing and Logging: Keep detailed logs of all activity on your server. This can help you identify and investigate any security incidents. Also, regularly audit your security measures to ensure they’re working as expected.

    10. Education and Awareness: Educate yourself and your community about security best practices. This includes things like recognizing phishing attempts, using strong passwords, and being cautious with downloads and attachments.

    Remember, security is not a one-time thing but a continuous process. Always stay informed about the latest threats and security best practices.