Secure install Minetest Server on Linux

[lilo]

Hi,

I wanted to create a Minetest server based on Linux. Now I am not an expert in dealing with Linux and therefore want to know how to install the Minetest server files in such a way that it is as safe as possible from possible attacks. I suppose there's something to consider. :)

So far, I have a Ubuntu server that I can target through SFTP and SSH, and in the home directory of the root account there is an archive with the compiled Mintetest server parts.

Greetings

[sofar]

This is only a very short list of things you *should* really do, there are many other things that I'm leaving out here:

- don't run your server as root
- do not use sftp. Use `scp` instead.
- uninstall software from the server that you do not need. Especially graphical things like the X server.
- don't use passwords to connect your server, use keys instead
- run a supported and patched minetest version.
- do not compile it yourself, do not leave compiling and development tools on your server
- apply OS updates regularly, update minetest regularly
- install your mods and content in a way that it's read-only to the minetest server
- keep your minetest data in a separate location where it's only writable to the (special) user id that runs the minetest server (not your id, not root, but preferably some new unprivileged user id)
- do not install any other services on the same host that you don't need to
- make backups often, and make them remotely