Hi, I’m setting up a public wiki using mediawiki and I’d like some help ensuring the server and mediawiki is safely setup before I start sharing it publicly. I installed it on Vultr using the mediawiki app from the Vultr Marketplace. Are there any things I should ensure before publicly sharing the link?

Some things I’ve done so far:

  • I disabled password login to the server so its only possible to login via ssh

  • I made it so I have to approve of any edits to the wiki

  • I still haven’t enabled uploads of files because I want to ensure I only allow jpeg\png uploads.

I’m relatively new to running servers so any tips are highly appreciated.

  • xnx@lemm.eeOP
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    ELI5? 😅

    The install section of naxsi is a whole lotta stuff I’ve never touched before

    • I eat words@group.lt
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      sorry, this is kinda like a firewall, but protecting websites, so many vulnerabilities are filtered out. it does not protect you 100% percent (nothing does). it might be hard to setup, in that case there is an option to use waf as a service, i.e. - cloudflare has such offering, maybe there are others as well. i have looked into vultr - they seem to offer only a “usual” type of firewall, not http/application based.

      • xnx@lemm.eeOP
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        Ah ok thanks for the info! Do you know if vultrs firewall would make installing fail2ban redundant?

          • Haui@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            1 year ago

            But if your home ip ever changes, you‘re fucked. I would never do that. Pubkey is the way.

            • I eat words@group.lt
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              usually i add more than 1 ip and also vultr firewall can be managed to change ip. tailscale can be used as well. there are options!