• 0 Posts
  • 19 Comments
Joined 2 years ago
cake
Cake day: June 12th, 2023

help-circle
  • jasontoSelfhosted@lemmy.worldHave I been pwned?
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    This is 100% the way to go. I spun up a new server for a public-facing site on my VPS and I wondered if I really needed fail2ban. Within ten minutes of setting it up it had already blocked four people.

    Don’t open port 22 if you can help it. Use it on your local network and VPN in if you need to use it offsite.



  • jasontoTechnology@beehaw.orgWhat do you all search with?
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    2 years ago

    Not sure if you can see this since beehaw defederated us, but just add/edit the following in your settings.yml file in the searxng folder. The following redirects only reddit & twitter:

    enabled_plugins:
       - 'Hostname replace'
    
    hostname_replace:
    #   '(.*\.)?youtube\.com$': 'invidious.example.com'
    #   '(.*\.)?youtu\.be$': 'invidious.example.com'
    #   '(.*\.)?youtube-noocookie\.com$': 'yotter.example.com'
       '(.*\.)?reddit\.com$': 'teddit.net'
       '(.*\.)?redd\.it$': 'teddit.net'
       '(www\.)?twitter\.com$': 'nitter.net'
    #   # to remove matching host names from result list, set value to false
    #   'spam\.example\.com': false
       '(.*\.)?pinterest\.com': false
       '(.*\.)?instagram\.com': false
    



  • I use a reverse proxy so I can just use a hostname and not need a port. I run Jellyfin that way no problem, function-wise.

    Additionally, not having a domain won’t necessarily protect you since you do have people out there scanning for ports and when they see 8096, they’re going to immediately know it’s a Jellyfin/Emby server and any vulnerabilities associated with those. If you use a reverse proxy, they only see 443 which is…pretty much every other site on the internet. That’s security through obscurity, I know, but it will help mitigate some of the easier attacks.

    I’ll say that everything I have to have a port open for (mostly game servers) gets targeted by the internet at large despite the fact that I’ve published the address and port absolutely nowhere online and only shared it with close friends. I almost never get anyone trying to log in to my other services.


  • I have almost this exact setup (paperless-ngx on a LUKS encrypted drive, but mine is running on a VM in Proxmox) and I feel pretty good about the security. That being said, I only have it running on my home network and use a WireGuard VPN if I need to access it remotely. I can’t say I would feel as comfortable if I just had it open to the internet. Like, it’s probably ok, but then you’re relying on Paperless being your first and last line of defense.


  • jasontoSelfhosted@lemmy.worldSelf-hosted photoblog options
    link
    fedilink
    English
    arrow-up
    4
    ·
    2 years ago

    Ghost is self-hostable, easy-to-use, and looks beautiful. (Good) themes are usually a one-time payment, and they definitely have photoblog ones.

    I use both Ghost and Wordpress for my sites and, while it’s not as infinitely customizable as Wordpress, Ghost is also not as needlessly complex, vulnerable, or time-intensive.



  • Oh totally. It wasn’t a knock at the software at all. In fact. I’m surprised by how well this works as a drop-in replacement for Reddit for me and both Lemmy and Kbin are solid.

    The reason I asked was that, with my single-user Mastodon instance, likes/boosts and comments are nearly always incomplete on my server just because of the way federation works. I was just wondering if that was something smaller instances had to deal with in perpetuity or if it was just a one-off issue that happened at the start.

    The OP commented below saying that comments appeared to be loading instantaneously after that initial hiccup.








  • jasontoGaming@beehaw.orgMultiplayer Co-op games
    link
    fedilink
    English
    arrow-up
    5
    ·
    2 years ago

    I opened this thread to see if anyone recommended Valheim, because what you said is exactly what my group does. We’re all dads with jobs and we play when we can, but we schedule 2-3 hour video call sessions to fight the bosses.

    When it comes to Valheim, you need the help, too. Those bosses can be brutal.