| ▲ | mschuster91 a day ago | |||||||
The problem is, having a server on the internet is painful because you have to be constantly on guard for patches - if not you'll get hacked sooner than later. | ||||||||
| ▲ | AndrewStephens 8 hours ago | parent | next [-] | |||||||
You are getting some pushback but you are not wrong. I thought I was being pretty careful with my DO droplet but just last weekend discovered that it had been hacked and was consorting with mysterious IP addresses in Russia and Brazil. This was on a box that was firewalled and ssh was locked down. It was running an older kernel - that was probably my downfall. I immediately shut down and rebuilt the droplet with a more modern kernel. It wasn't too hard because my site is (mostly) static with a simple custom service but is very discouraging to find that somebody has damaged your home project just to (I assume) make a small amount of money. | ||||||||
| ▲ | barnabee a day ago | parent | prev | next [-] | |||||||
Debian with unattended-upgrades and a [weekly] scheduled restart has worked for me for a long time. | ||||||||
| ||||||||
| ▲ | em-bee a day ago | parent | prev | next [-] | |||||||
patches for what? ssh? the service i am running? the linux kernel, but only for remote exploitable issues, of which there have been how many? seriously, it's not that hard to keep a server uptodate | ||||||||
| ▲ | immibis 13 hours ago | parent | prev | next [-] | |||||||
This fear is way overblown - at least for the basic operating system. Web apps are much more risky. Sandbox them thoroughly. | ||||||||
| ▲ | andrewmcwatters a day ago | parent | prev [-] | |||||||
What? | ||||||||