Comment on 700+ self-hosted Git instances battered in 0-day attacks
jeena@piefed.jeena.net 4 days agoI’m not allowing random people hosting their git repos on mine but it’s public and they can fork my own stuff on it in theoretically upload some bullshit.
Jason2357@lemmy.ca 3 days ago
Any time you have a server willing to process random data uploaded from randos, just expect it to be compromised eventually and prepare for the eventuality by isolating it, backing it up religiously, and setting up good monitoring of some sort. Doesnt matter if its a forge, a wiki, or like nextcloud or whatever. It will happen.
Jason2357@lemmy.ca 3 days ago
To anyone afraid of the above conclusion, a dedicated $5 VPS with automatic snapshots get you a long way.
WhyJiffie@sh.itjust.works 2 days ago
if the server is compromised, all the data it stores is at risk of getting drleted or modified. so I don’t think a VPS really solves the problem.