Hi,
I wanted to create a Minetest server based on Linux. Now I am not an expert in dealing with Linux and therefore want to know how to install the Minetest server files in such a way that it is as safe as possible from possible attacks. I suppose there's something to consider. :)
So far, I have a Ubuntu server that I can target through SFTP and SSH, and in the home directory of the root account there is an archive with the compiled Mintetest server parts.
Greetings
Secure install Minetest Server on Linux
Re: Secure install Minetest Server on Linux
This is only a very short list of things you *should* really do, there are many other things that I'm leaving out here:
- don't run your server as root
- do not use sftp. Use `scp` instead.
- uninstall software from the server that you do not need. Especially graphical things like the X server.
- don't use passwords to connect your server, use keys instead
- run a supported and patched minetest version.
- do not compile it yourself, do not leave compiling and development tools on your server
- apply OS updates regularly, update minetest regularly
- install your mods and content in a way that it's read-only to the minetest server
- keep your minetest data in a separate location where it's only writable to the (special) user id that runs the minetest server (not your id, not root, but preferably some new unprivileged user id)
- do not install any other services on the same host that you don't need to
- make backups often, and make them remotely
- don't run your server as root
- do not use sftp. Use `scp` instead.
- uninstall software from the server that you do not need. Especially graphical things like the X server.
- don't use passwords to connect your server, use keys instead
- run a supported and patched minetest version.
- do not compile it yourself, do not leave compiling and development tools on your server
- apply OS updates regularly, update minetest regularly
- install your mods and content in a way that it's read-only to the minetest server
- keep your minetest data in a separate location where it's only writable to the (special) user id that runs the minetest server (not your id, not root, but preferably some new unprivileged user id)
- do not install any other services on the same host that you don't need to
- make backups often, and make them remotely
Who is online
Users browsing this forum: No registered users and 46 guests