Our great sponsors
-
crowdsec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
-
ansible-collection-hardening
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
-
Nginx Proxy Manager
Docker container for managing Nginx proxy hosts with a simple, powerful interface
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Or crowdsec: https://github.com/crowdsecurity/crowdsec
I use several security auditing tools for system hardening. https://cisofy.com/lynis/ is a nice beginner one.
It's one of the most secure services to expose over the Internet (assuming you've setup key-based authentication - and some additional measures like restricting SSH access to a group. You can harden it a lot more)
If you want to access your services outside your home network, use wireguard to connect to your home network and close all your ports except wireguard ports and if you have webservers and you want to expose Plex outside your network then open 80 and 443 and use something like nginxproxymanager the proxy manager will help you proxy your server to port 80 with domain and give it a SSL cert. I highly recommend you to proxy your servers through this