The Living Thing / Notebooks : Running a secure server

Or at least a somewhat more secure server.

So many parts to this, and I care so little about any of them.

Making sure you are not instantly p3ned

http://www.codelitt.com/blog/my-first-10-minutes-on-a-server-primer-for-securing-ubuntu/

SSL

Nonetheless, a baseline important detail to use modern web services is SSL, a notoriously tedious process. This recently got easier and cheaper with Let’s Encrypt and their client software letsencruptnosudo or simp_le, or the full-stack webserver caddy, which automates the process.

private development servers

For Mac users with a copy of Mac OS Server*
it is easy to setup up a local SSL site. This costs $25, but saves you a few hours, so probably worth it.
For other Mac users
it’s slightly complicated.
For Windows users with IIS
it’s medium complicated
For Linux users
the Mac users’ instructions will mostly work if you happen to be using Apache httpd, but if you are using one of the many other web servers, you will have to look it up. You can cheat, though

If you are developing a javascript server and happen to be using webpack, there is a built-in bootleg SSL server.

proper online servers

On a larger scale you can fake it, if you are careful, with cloudflare:

Summary: Don’t use it for actual server-side applications, because it will behave as if it’s secure while leaking information, but it’s ok for developing browser apps that don’t meaningfully communicate with the server.

Here’s an easy howto do the letsencrypt thing with webfaction by Nick Doty

VPN/Proxy/privacy/anonymisation servers

Run your own search server?

Running your own VPN/proxy/anonymizing/p2p etc servers can be less convenient for the panopticon for other stuff.

Note, however, that virtual machines on someone else’s cloud can never be especially secure from determined nasty persons or state actors.