101

I've been running my server without a firewall for quite some time now, I have a piped instance and snikket running on it. I've been meaning to get UFW on it but I've been too lazy to do so. Is it a necessary thing that I need to have or it's a huge security vulnerability? I can only SSH my server from only my local network and must use a VPN if I wanna SSH in outside so I'd say my server's pretty secure but not the furthest I could take it. Opinions please?

you are viewing a single comment's thread
view the rest of the comments
[-] hedgehog@ttrpg.network 3 points 1 year ago

Are you saying that NAT isn’t effectively a firewall or that a NAT firewall isn’t effectively a firewall?

[-] non_burglar@lemmy.world 3 points 1 year ago

NAT simply maps IPS across subnet boundaries in such a way that upstream routing tables don't need updating.

If you use destination NAT forward rules to facilitate specific destination port access, you are using a firewall.

[-] CompactFlax@discuss.tchncs.de 3 points 1 year ago

What sort of isp supplied residential equipment doesn’t block inbound connections? Pedantically, you’re correct.

this post was submitted on 24 Mar 2025
101 points (95.5% liked)

Selfhosted

60366 readers
777 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS