• 5 Posts
  • 397 Comments
Joined 3 years ago
cake
Cake day: June 11th, 2023

help-circle
















  • Some of the things in my house were set up so long ago, and running so smoothly, i havent looked at them in years (other than auto updates) now i’m afraid i’ve accidentally left some security hole without realizing it

    For example, i set up cerbot 10 years ago and back then there was no DNS challenge, so i had to open my webserver to port 80 to renew… well since everything was running from https/443, i decided to block port 80

    so i edited the systemctl unit for certbot to temporarily open port 80 for the renewal, and close it right after…

    It was only 5 years later i realized i made a mistake and port 80 had been open for 5 years to the open internet

    Probably no harm since its a public server anyway… defense in depth is the key