
Running a secure server

Or at least somewhat more secure servers.

So many parts to this! I am not an expert at any of them. Moreover, it's a difficult specialist trade to get good at. But we can make some starts.

Baseline: Making sure you are not instantly p3wned

Securing Ubuntu: My first 10 minutes on a server, a basic how-to on hardening an Ubuntu server. Get a firewall.

SSL

An important baseline for using modern web services is SSL, which is notoriously tedious to set up. This recently got easier and cheaper with Let's Encrypt and client software such as letsencryptnosudo or simp_le, or the full-stack webserver caddy, which automates the process, or the EFF certbot.

Some pro tips for SSL certs by Reinout van Rees.

Private development servers

For Mac users with a copy of Mac OS Server

It is easy to set up a local (optionally SSL) site. This costs $25, but saves you a few hours, so it is probably worth it.

For other Mac users

It's slightly complicated.

For Windows users with IIS

It's medium complicated.

For Linux users

The Mac users' instructions will mostly work if you happen to be using Apache httpd, but if you are using one of the many other web servers, you will have to look it up. You can cheat, though.

If you are developing a JavaScript server and happen to be using webpack, there is a built-in bootleg server.

Proper Online Servers

I'm not the guy to tell you how to run real secure webservers that actually transfer significant information.

OTOH, I do occasionally need to fake SSL so that I can demo fancy JavaScript online.

Here is how to do that using Cloudflare. (NB If you are not aware of how the following is in fact a fake SSL then you are not qualified to do real security on websites.)

Summary: Don't use it for actual server-side applications, because it will behave as if it's secure while leaking information, but it's ok for developing browser apps that don't meaningfully communicate with the server.
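
What "fake" means here, as an added example that is not part of the original notebook: it assumes the Cloudflare setup in question encrypts only the browser-to-Cloudflare hop and speaks plain HTTP to the origin. The origin can spot this by comparing its own socket with the scheme the proxy reports in `CF-Visitor` / `X-Forwarded-Proto`; the function names and sample requests are constructed for illustration.

```python
import json

def visitor_scheme(headers):
    """Scheme the browser used, as reported by the proxy (None if unreported)."""
    h = {k.lower(): v for k, v in headers.items()}
    raw = h.get("cf-visitor")  # Cloudflare sends e.g. {"scheme":"https"}
    if raw:
        try:
            scheme = json.loads(raw).get("scheme")
            if scheme in ("http", "https"):
                return scheme
        except (ValueError, AttributeError):
            pass  # malformed header: fall back to X-Forwarded-Proto
    xfp = h.get("x-forwarded-proto", "").split(",")[0].strip().lower()
    return xfp if xfp in ("http", "https") else None

def classify(origin_socket_is_tls, headers):
    """Compare what the origin's own socket saw with what the browser saw.

    Caveat: these headers are only trustworthy if the origin accepts
    connections from the proxy alone; a direct client can send them too.
    """
    scheme = visitor_scheme(headers)
    if scheme is None:
        return "direct-tls" if origin_socket_is_tls else "direct-plaintext"
    if scheme == "http":
        return "browser-hop-plaintext"
    # Browser shows a padlock. Was the proxy-to-origin hop encrypted too?
    return "end-to-end-tls" if origin_socket_is_tls else "edge-only-tls"

# Constructed sample requests: (origin socket is TLS?, request headers)
SAMPLES = [
    (False, {"CF-Visitor": '{"scheme":"https"}', "X-Forwarded-Proto": "https"}),
    (True, {"CF-Visitor": '{"scheme":"https"}'}),
    (False, {"CF-Visitor": "not-json", "X-Forwarded-Proto": "https, http"}),
    (False, {}),
]

if __name__ == "__main__":
    for is_tls, hdrs in SAMPLES:
        print(classify(is_tls, hdrs), hdrs)
```

An app that decides "this request is secure" from the reported scheme alone treats the `edge-only-tls` case as safe, which is the behaving-as-if-secure problem in the summary above.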

Oh wait, you actually want to do the SSL thing?

Here's a basic emergency guide to doing it with commodity webhosting: Letsencrypt thing with webfaction by Nick Doty.

General services

Firewalls?

Use tor hidden services to not even expose your server's existence?

LAN serving stuff

ClearOS maybe?

Privacy servers

Search proxies

Run your own search server?

General anonymity

See VPNs.