this post was submitted on 08 Jul 2023
144 points (100.0% liked)

Selfhosted

40220 readers
1259 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I put up a vps with nginx and the logs show dodgy requests within minutes, how do you guys deal with these?

Edit: Thanks for the tips everyone!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 15 points 1 year ago (6 children)

Nothing too fancy other than following the recommended security practices. And to be aware of and regularly monitor the potential security holes of the servers/services I have open.

Even though semi-related, and commonly frowned upon by admins, I have unattended upgrades on my servers and my most of my services are auto-updated. If an update breaks a service, I guess its an opportunity to earn some more stripes.

[–] [email protected] 4 points 1 year ago (1 children)

Why is unattended upgrades frowned upon? Seems like I good idea all round to me?

[–] [email protected] 4 points 1 year ago (1 children)

Mostly because stability is usually prioritized above all else on servers. There's also a multitude of other legit reasons.

[–] [email protected] 9 points 1 year ago (2 children)

All the legit reasons mentioned in the blog post seem to apply to badly behaved client software. Using a good and stable server OS avoids most of the negatives.

Unattended Upgrades on Debian for example will by default only apply security updates. I see no reason why this would harm stability more than running a potentially unpatched system.

[–] [email protected] 3 points 1 year ago (1 children)

Even though minimal, the risk of security patches introducing new changes to your software is still there as we all have different ideas on how/what correct software updates should look like.

[–] [email protected] 3 points 1 year ago

Fair, I'd just rather have a broken system than a compromised one.

[–] [email protected] 1 points 1 year ago

Hell, debian is usually so stable I would just run dist-upgrade on my laptop every morning.

The difference there is that I’d be working with my laptop regularly and would notice problems more quickly

load more comments (4 replies)