85
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 12 Jul 2023
85 points (94.7% liked)
Selfhosted
60426 readers
241 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil.
-
No spam.
-
Posts are to be related to self-hosting.
-
Don't duplicate the full text of your blog or readme if you're providing a link.
-
Submission headline should match the article title.
-
No trolling.
-
Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 3 years ago
MODERATORS
A number of people have touched on the perimeter security, but you can also look at your internal network too and whether you have the systems being exposed on vlans with firewalls preventing connectivity from those systems back to your other stuff that doesn’t need to be exposed. Could help cover you if a system is compromised due to bad config, zero day exploit, or whatever, by limiting the ability to then go sideways through your network to exploit other systems. Depending on what you are hosting there may be zero requirement for your externally facing server to need to talk to the majority of devices on your network, or the talk could be one way only (internal facing to external facing).