r/selfhosted security guides

Started from the beginners security guide on r/selfhosted - this repo aims to be a collection of guides on all levels for those who seek to make their selfhosted applications and servers more secure.

What is this?

This place aims to be a collection of security-related knowledge, mainly on the blue-team side. (As there are plenty of red-team collections out there already)

Most guides are third-party while I and some people around me happily contribute (or might do so in the future) to a few self-baked ones as well.

This collection was created in order to help people gain some insight in what they're exposing to the internet and what is or isn't reasonable security in one's situation.

The guides

Introduction

These guides are sorted by subject and difficulty. More will be added as time passes.

Basic concepts

Security theory

Threat modeling

Threat actors

Practical Guides

General

• ImTheNachoMan 's How to secure a Linux server

  @ImTheNachoMan maintains a well-rounded guide into security on Linux platforms, as well trying to teach people why this security matters

• ZeroTier One - A guide to a self-hostable L2/L3 WAN here

  Credit goes to @d-rickyy-b for his hard work!

Beginner

Intermediate

Advanced

InfoSec Pro

Disclaimer and warranty.

I am not associated with the mod team of r/selfhosted not do I express their opinion in any way. I also strongly encourage everyone to perform their own research, and to not mindlessly follow a random guide. Therefor this collection is simply a collection of knowledge and is in no way any turn-key or magic solution to your security-based questions. For further details see LICENSE.md