Hi, I’m setting up a public wiki using mediawiki and I’d like some help ensuring the server and mediawiki is safely setup before I start sharing it publicly. I installed it on Vultr using the mediawiki app from the Vultr Marketplace. Are there any things I should ensure before publicly sharing the link?

Some things I’ve done so far:

  • I disabled password login to the server so its only possible to login via ssh

  • I made it so I have to approve of any edits to the wiki

  • I still haven’t enabled uploads of files because I want to ensure I only allow jpeg\png uploads.

I’m relatively new to running servers so any tips are highly appreciated.

    • xnx@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      ELI5? 😅

      The install section of naxsi is a whole lotta stuff I’ve never touched before

      • I eat words@group.lt
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        sorry, this is kinda like a firewall, but protecting websites, so many vulnerabilities are filtered out. it does not protect you 100% percent (nothing does). it might be hard to setup, in that case there is an option to use waf as a service, i.e. - cloudflare has such offering, maybe there are others as well. i have looked into vultr - they seem to offer only a “usual” type of firewall, not http/application based.

        • xnx@lemm.eeOP
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 year ago

          Ah ok thanks for the info! Do you know if vultrs firewall would make installing fail2ban redundant?

            • Haui@discuss.tchncs.de
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              1 year ago

              But if your home ip ever changes, you‘re fucked. I would never do that. Pubkey is the way.

              • I eat words@group.lt
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                usually i add more than 1 ip and also vultr firewall can be managed to change ip. tailscale can be used as well. there are options!