Some of the things in my house were set up so long ago, and running so smoothly, i havent looked at them in years (other than auto updates) now i’m afraid i’ve accidentally left some security hole without realizing it

For example, i set up cerbot 10 years ago and back then there was no DNS challenge, so i had to use open my webserver to port 80 to renew… well since everything was running from https/443, i decided to block port 80

so i edited the systemctl unit for certbot to temporarily open port 80 for the renewal, and close it right after…

It was only 5 years later i realized i made a mistake and port 80 had been open for 5 years to the open internet

Probably no harm since its a public server anyway… defense in depth is the key