Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Help me secure my system and are dockers secure?

Featured Replies

Just thinking, i have little experience with networking and was wondering how secure my traffic is and whats the best way to start locking down my server. I see all of these discussions about nginx, letsencrypt, swag etc but what do these do security wise? If you've read this far, its obvious i have no idea of where to start with all of this. This thinking came about when i opened up plex remote access recently and i'm not that happy now that i'm thinking about it. None of my data is encrypted at all, should it be? It's just 'media' on the whole but there are one or two personal family bits, photos etc which i'd struggle to recreate if i ever got hacked and i'm reading that this is becoming more likely these days especially across unraid servers. But, its really my WHOLE server experience on the network side that i need to start learning about. What is best practice here? Even the smallest bit of advice will be taken .... as long as i understand what i'm doing, thats why encrypting my drives has always scared me away from doing it ...

50 minutes ago, superloopy1 said:

there are one or two personal family bits, photos etc which i'd struggle to recreate if i ever got hacked

For now forget about increasing or evaluating security and GET THOSE THINGS BACKED UP. Once you have offline backup of items you can't afford to lose, then start dealing with the rest of this.

 

Once you have a backup strategy in place, then you can start evaluating open ports and examining the security of each of the answering services.

 

Of course all this assumes you haven't put your server in the DMZ or anything like that.

Should be noted that assuming that the only port you've forwarded to your server is 32400 for Plex, then you're safe and secure.  As @jonathanm said, if you've put the server into a DMZ, or forwarded ports like 80 / 443 without using SWAG or OpenVPN or Unraid.net then you've opened up a big can of worms.

  • Author

Thanks for the advice.

 

No, none of that has happened so i'm good on those fronts. I DO have backups of the really personal stuff as well. But, wen i see people encrypting disks i wonder why if the data access is so secure then why bother? And, i read a lot of posts about problems following encryption. What benefits do you get from doing it and how risky is it to put in place.? SWAG, no idea what that is ... am i getting things confused? What should i be concentrating on now, i do have a full set of backups but do i really need disk encryption or network security tools? I do intend to start opening up for remote access into my machine though so am guessing the answer is yes ...

Edited by superloopy1

5 hours ago, superloopy1 said:

What benefits

Encryption disk was use to prevent person can read disk content directly i.e. stolen / take away disks and not whole system.

 

5 hours ago, superloopy1 said:

am i getting things confused?

I think so, at least 3 aspect relate, (1) data redundancy  (2) raw disk access (3) Network security.

 

5 hours ago, superloopy1 said:

I do intend to start opening up for remote access into my machine

Network security concern, you should audit your router, network and server setting.

 

 

 

15 hours ago, superloopy1 said:

I see all of these discussions about nginx, letsencrypt, swag etc

Those are different technic to enhance overall network security and multiple server service in a local network need different security. A well network design shouldn't only focus on internet, local embed device / PC / handset ..... also need take account.

 

If Plex open access to Internet, you should open necessary TCP/IP port instead all ( DMZ ) at router side, also use stronger password, but those are basic requirement.

Once you know more and more then you will identify all above not the end, nothing were perfect / enough.

 

Edited by Vr2Io

  • Author

Thanks all.

 

I'm going to give a few things a try using a couple of spaceinvaderone's vids.

 

I'll be back soon ... no doubt.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.