Tell about your best practices setting up a FreeBSD server
-
There are many guides on setting up / hardening your server. Books, the manual, all good resources.
I don't expect you to reproduce full books worth of content, or dump a lifetime of experience into a single post - but certainly anything you think important, under-covered or underappreciated in the "usual" resources, would be keen to know!
To start, if I had to call out one best practice that stuck on me, it would be keeping the base system minimal, and putting services into jails (or, maybe daemonless going forward).
-
There are many guides on setting up / hardening your server. Books, the manual, all good resources.
I don't expect you to reproduce full books worth of content, or dump a lifetime of experience into a single post - but certainly anything you think important, under-covered or underappreciated in the "usual" resources, would be keen to know!
To start, if I had to call out one best practice that stuck on me, it would be keeping the base system minimal, and putting services into jails (or, maybe daemonless going forward).
Sidenote: some of the search results coming up
- https://docs.freebsd.org/en/books/handbook/security/
- https://github.com/wravoc/harden-freebsd (comments at https://forums.freebsd.org/threads/my-freebsd-hardening-script.89523/)
- https://www.freebsdsoftware.org/blog/hardening-freebsd-server/
- https://vez.mrsk.me/freebsd-defaults
- https://hardenedbsd.org/content/about
-
S stefano@mastodon.bsd.cafe shared this topic