<p>New fun thing I did to secure my VPS even further<br>

<br>

I installed <a href="https://nitter.net/Cloudflare" title="Cloudflare">@Cloudflare</a> Tunnel, many of you recommended this to me<br>

<br>

I already had 443 inbound firewall limited to Cloudflare's IP range, but this is even better<br>

<br>

Cloudflare Tunnel is outbound, which means it connects from your server to Cloudflare, and keeps the connection active, then if someone opens your site, Cloudflare sends you the package via the tunnel and your server responds<br>

<br>

Then you can block ALL inbound traffic on your firewall (in my case the Hetzner firewall in the dashboard), so now NOBODY can ever access my server, only Cloudflare and Tailscale (which is my own subnet with just my server and my laptop on it)<br>

<br>

You can just ask AI to set it up on the server etc., very easy</p>

<img src="https://nitter.net/pic/media%2FHHpI5-qXQAI11jp.jpg" style="max-width:250px;" />

<hr/>

<blockquote>

<b>@levelsio (@levelsio)</b>

<p>

<p>When I set up a new Hetzner VPS, the first thing I do is install Tailscale, and once I'm in via Tailscale, lock down the firewall to only accept web traffic on HTTPS 443 for Cloudflare IPs and SSH 22 for Tailscale IP<br>

<br>

That way nobody can get in<br>

<br>

I know I keep repeating this but it should be basics of setting up a new VPS<br>

<br>

So basic IMHO it should be part of any VPS service to default install Tailscale and enable it so it's the only way to get in<br>

<br>

Why?<br>

<br>

A VPS server is just like your laptop or desktop computer but now imagine if it's connected to the entire internet with 8 billion people that can access it and try to hack it<br>

<br>

You want to only have it accessible to you<br>

<br>

And if you want to host a website on your VPS (like I do), you should only let Cloudflare access your VPS so it can stand in front and block any hack attempts<br>

<br>

Never expose a VPS to the world wide web which realistically is the world WILD web</p>

</p>

<footer>

— <cite><a href="https://nitter.net/levelsio/status/2033546675063554213#m">https://nitter.net/levelsio/status/2033546675063554213#m</a></cite>

</footer>

</blockquote>
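<p>The firewall policy described in the post, as an added check that is not part of the original post: it audits a ruleset against "443 only from Cloudflare, 22 only from Tailscale", and against "no inbound at all" once the tunnel is in use. The rule format, the function names and the sample subset of Cloudflare ranges are assumptions.</p>

```python
import ipaddress

# Assumption: sample subset of Cloudflare's published IPv4 ranges; load the
# current full list from Cloudflare before relying on this.
CLOUDFLARE = ["173.245.48.0/20", "103.21.244.0/22", "104.16.0.0/13"]
# Tailscale assigns node addresses from the CGNAT block 100.64.0.0/10.
TAILSCALE = ["100.64.0.0/10"]

def _nets(cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]

def _covered(source, allowed):
    """True if the source CIDR lies entirely inside one allowed network."""
    src = ipaddress.ip_network(source)
    return any(src.version == a.version and src.subnet_of(a) for a in allowed)

def audit_inbound(rules, tunnel=False):
    """Return findings for inbound rules wider than the post's policy.

    tunnel=False: 443/tcp only from Cloudflare, 22/tcp only from Tailscale.
    tunnel=True:  the origin is reached through the outbound tunnel, so any
                  inbound rule at all is a finding.
    """
    policy = {} if tunnel else {("tcp", 443): _nets(CLOUDFLARE),
                                ("tcp", 22): _nets(TAILSCALE)}
    findings = []
    for r in rules:
        if r["direction"] != "in":
            continue
        proto, port = r["protocol"], r["port"]
        allowed = policy.get((proto, port))
        if allowed is None:
            findings.append(f"{port}/{proto}: port should not be open inbound")
            continue
        for src in r["sources"]:
            if not _covered(src, allowed):
                findings.append(f"{port}/{proto}: source {src} is outside the allowed ranges")
    return findings

# Constructed sample ruleset (hypothetical format, not a provider export).
SAMPLE_RULES = [
    {"direction": "in", "protocol": "tcp", "port": 443, "sources": ["173.245.48.0/20", "104.16.0.0/13"]},
    {"direction": "in", "protocol": "tcp", "port": 22, "sources": ["100.64.0.0/10", "0.0.0.0/0"]},
    {"direction": "in", "protocol": "tcp", "port": 5432, "sources": ["0.0.0.0/0"]},
]

if __name__ == "__main__":
    for finding in audit_inbound(SAMPLE_RULES):
        print(finding)
```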

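Why it is worth attention

It can change how you understand something rather than just repeating common knowledge; it has directly usable methods, tools or operational value; it offers a new understanding or explanation, not just a surface-level opinion

Source: x, domain: tech, retention score: 0.63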