reminds me of my first mail server, accidentally set up an open relay and got a lot of abuse reports from mail providers saying they blocked my server due to it. Took forever to get fixed again.
Comment on Setting up VPS (finally)
irmadlad@lemmy.world 4 days ago
I remember the first Linux server I stood up on a VPS. It got thoroughly hacked almost immedietly. Not only did they hack the server, they set up attack vectors on other servers…aaaand a bitcoin miner. Got up that morning, checked mail, and there was a nastygram from my host wanting to know WTF over. Since then, I did a ton of reading, took a couple basic online courses for my own edification. I now tend to go overboard on security now days if that is possible. I’ve been told my set up is way over engineered. However, it’s been ticking along these many, many years now without issue. Also, since I am the only user of my network, it’s a little easier to lock down. Users create complexities and complexities cause issues.
I’m sure you have done the leg work in bolstering your knowledge base in setting up your first VPS server, but as others have said, beware. It reminds me of the movie Constantine, where just beyond light, in the shadows, lurk thousands and thousands of demons. They are sophisticated bots too, and are quite autonomous.
Authentik
In my reading, tho I don’t run it, VoidAuth is supposed to be lighter than Authentik. Do you have a directive or purpose sketched out for your server? What you want to accomplish, etc?
VPN (At least for local-to-VPS connection, but possibly also for external clients?)
Tailscale is my choice for my VPN overlay on the server. I also use the evil Cloudflare Tunnel/Zero Trust. All devices also run their own VPN.
I have played around with Cosmos. Pretty neat little package, especially for someone just starting out. I can’t speak to it’s performance, but I read glowing reviews. YunoHost would be in that category as well, with a very large app catalog.
Looks like you are heading in the right direction.
Pika@sh.itjust.works 4 days ago
irmadlad@lemmy.world 4 days ago
I mean, there can be some serious consequences, especially if your server starts attacking other servers. They don’t take that shit lightly.
Pika@sh.itjust.works 4 days ago
oh for sure, it made sense that they wanted to make sure was fixed. Just was super alarming the speed it was advertised that the relay was there!
littleomid@feddit.org 4 days ago
How did you manage that? Opened SSH with no password?
irmadlad@lemmy.world 4 days ago
I was rather green then, and when I got the nastygram, the host had already shut things down because it was reeking havoc. So I never really got to observe and I didn’t want to light that candle again. I just wiped it…started studying, and when I felt comfortable, I gave it another go.