Security operates in layers and ufw is a pretty simple layer to setup. Especially if you only have like one or two services you need exposed on a given system.
this post was submitted on 17 Oct 2023
1 points (100.0% liked)
Self-Hosted Main
504 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
For Example
- Service: Dropbox - Alternative: Nextcloud
- Service: Google Reader - Alternative: Tiny Tiny RSS
- Service: Blogger - Alternative: WordPress
We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.
Useful Lists
- Awesome-Selfhosted List of Software
- Awesome-Sysadmin List of Software
founded 1 year ago
MODERATORS
Yes every host should only be exposing what it needs to be exposing. UFW is dirt simple too. The amount of protection you gain for the effort is huge
If you don't know, you don't need!
Ufw is really simple, you should.
No take the time to actually learn iptables and then learn how to properly integrate fail2ban with iptables.
/frantically googles UFW
So ugh, I run Unraid and port forward plex and a valheim server.
Should I figure this out too?
Without going on a rant. UnRAID doesn't really have a firewall, so you end up deping on a latlyer 2 firewall. And depending on your router, you may be SOL. When you port forward, you basically open the route on fron your router's firewall. At that point, you depend on if the application is secure now the attack vector is as wide as the intention of the attacker. Unraid is a pain when it's down to security anyways.