I’ve been running my server without a firewall for quite some time now, I have a piped instance and snikket running on it. I’ve been meaning to get UFW on it but I’ve been too lazy to do so. Is it a necessary thing that I need to have or it’s a huge security vulnerability? I can only SSH my server from only my local network and must use a VPN if I wanna SSH in outside so I’d say my server’s pretty secure but not the furthest I could take it. Opinions please?
My server is only available on my LAN and via a VPN. Is fail2ban applicable? Or is it mainly for public facing servers?
Only public facing ports, maybe your openvpn login. But that means you are already firewalled up and your attack surface is tiny, good 👍