A howto guide on setting up a simple and secure blog server using haproxy to serve https, hugo to serve the website, cerbot to generate the tls certificate, and crowdsec for defense
This is my first post on my new site, I hope someone finds it helpful!
My site is on a rented server at digital ocean. Some providers do more or less to protect you themselves though. I don’t think digital ocean does much monitoring or protecting, I’ve had servers on there compromised in the past that would have been caught by my current setup. It can’t hurt in any case.
I also run crowdsec on my home setup but I don’t have any open ports at home and never get alerts. I had suricata running and plugged into crowdsec as well so it would handle blocking for both, but suricata never got to get any action with crowdsec blocking malicious activity, so I disabled it to save resources.
I don’t mean about relying on the protection from these providers. I am talking about the inherent increased security of hosting on a server that’s on a different network than your local network.
My site is on a rented server at digital ocean. Some providers do more or less to protect you themselves though. I don’t think digital ocean does much monitoring or protecting, I’ve had servers on there compromised in the past that would have been caught by my current setup. It can’t hurt in any case.
I also run crowdsec on my home setup but I don’t have any open ports at home and never get alerts. I had suricata running and plugged into crowdsec as well so it would handle blocking for both, but suricata never got to get any action with crowdsec blocking malicious activity, so I disabled it to save resources.
I don’t mean about relying on the protection from these providers. I am talking about the inherent increased security of hosting on a server that’s on a different network than your local network.