xxx59712 Posted February 29, 2016 Report Share Posted February 29, 2016 Hi, I would like to setup BtSync on my VPS but I do not fill comfortable with the security overall. Could somebody be so kind to sum up the steps I can take to secure BtSync. So far the only thing I did apart from set login and password on the GUI is that I blocked port 8888 from the outside (with iptable rule) Thanks. Quote Link to comment Share on other sites More sharing options...
Connor0308 Posted February 29, 2016 Report Share Posted February 29, 2016 Hi, what exactly don't you feel comfortable with? If it is the security of the GUI, you can use a password protection, a custom port and force SSL-connection. Please keep in mind that the GUI does nothing more or less than to configure the traffic, which uses different ports and enctyption. When referring to the traffic, it is encrypted using TLS at 128 bit (please correct me if I am wrong), which isn't to bad, I think. So what exaczly is your concern? Br, Connor Quote Link to comment Share on other sites More sharing options...
Moe Posted February 29, 2016 Report Share Posted February 29, 2016 Please read this: https://danieldk.eu/Posts/2015-10-18-erp.html Especially the last section Quote Link to comment Share on other sites More sharing options...
xxx59712 Posted February 29, 2016 Author Report Share Posted February 29, 2016 4 hours ago, Connor0308 said: So what exaczly is your concern? I thought the GUI was pretty powerful, you are right there is not much to see. I was taught to always lock down service facing the Internet as much as possible. If the GUI is exposed, it is an still issue. Otherwise I guess the only port open on the outside is the BtSync daemon that is, I agree encrypted. 3 hours ago, Moe said: Please read this: https://danieldk.eu/Posts/2015-10-18-erp.html Especially the last section I will carefully review that article. But that matches what I thought, the GUI is behind a firewall and only bind to localhost. So from the outside, the only way to access it is to do a SSH tunneling or browse through a SSH bash session using a command line browser. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.