Cloudron Forum


Everything on one server

7 Posts 4 Posters 397 Views
  • cloud802 wrote:
    #1

    Hello everyone. I want to self-host all my services. Just from a security point of view, is it bad to put Bitwarden and your email on one server, for example? Just thinking if something gets compromised, all my stuff is in one place. From a tracking perspective, is it bad to have all your data from different apps (wallabag, syncthing, Bitwarden, email, notes...) going to one IP? Or am I overthinking it? Thanks!

  • scooke replied to cloud802:
    #2

    @cloud802 I'm sure more tech-minded folk will expand on this, but, from what I understand, because Cloudron uses Docker, ALL the apps and services are kept separate from one another.

    I suppose if you use easy-to-guess passwords, and use the same one on different apps, then you are open to attack that way. But that wouldn't be Cloudron's fault. Even if you installed a WordPress plugin, for example, that was hacked, and you lose your WordPress installation, nothing else will be affected. Just reinstall, or restore the WordPress from a known, safe backup.

    Another attack avenue, related to the password one above, is if you use one domain with subdomains, or more than one domain for the different services, it is easy to whois them and slowly find out which domains are all on that Cloudron server. Then an attacker might wait for some weak spot or zero-days to exploit (of the app on that domain), but that would happen on any service. EVEN THEN, if some service or app was hacked, the auto backups of Cloudron would make it easy as pie to restore everything.

    These are some of the reasons why I love Cloudron.

    A life lived in fear is a life half-lived

  • cloud802 replied to scooke:
    #3

    @scooke Thanks for the info. Appreciate it.

  • BrutalBirdie (Staff) replied to cloud802:
    #4

    @cloud802 For tracking what services run, I use https://crt.sh/ to see the registered sub-domains.
    Example, one of my domains: https://crt.sh/?q=bigbluebutton.dev

    You can't see which services run on this Cloudron from just the domain. 🙂

    For Bitwarden I use my YubiKey for a second level of security.

    Like my work? Consider donating a drink. Cheers!
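
Added example, not part of the original posts: a sketch for auditing which hostnames of your own domain are publicly disclosed in Certificate Transparency logs, the data that crt.sh (mentioned in post #4) exposes. The sample records are constructed, `example.org` is a placeholder, the function names are hypothetical, and the field names `name_value`, `not_before` and `not_after` are assumed to match crt.sh's JSON output.

```python
import json
from datetime import datetime

# Constructed sample; field names assumed to match crt.sh's JSON output.
SAMPLE = json.dumps([
    {"name_value": "example.org\nwww.example.org",
     "not_before": "2023-01-10T00:00:00", "not_after": "2023-04-10T00:00:00"},
    {"name_value": "vault.example.org",
     "not_before": "2023-02-01T00:00:00", "not_after": "2023-05-02T00:00:00"},
    {"name_value": "VAULT.example.org",
     "not_before": "2023-04-25T00:00:00", "not_after": "2023-07-24T00:00:00"},
    {"name_value": "*.example.org",
     "not_before": "2023-03-01T00:00:00", "not_after": "2023-05-30T00:00:00"},
    {"name_value": "notexample.org\nmail.example.net",
     "not_before": "2023-03-01T00:00:00", "not_after": "2023-05-30T00:00:00"},
])

def ct_inventory(raw, domain, now):
    """Map each logged hostname under `domain` to first-seen date and validity."""
    domain = domain.lower().rstrip(".")
    hosts = {}
    for entry in json.loads(raw):
        start = datetime.fromisoformat(entry["not_before"])
        end = datetime.fromisoformat(entry["not_after"])
        # One certificate can carry several names, one per line.
        for name in entry["name_value"].splitlines():
            name = name.strip().lower().rstrip(".")
            # Match on a label boundary so "notexample.org" is not counted.
            if name != domain and not name.endswith("." + domain):
                continue
            rec = hosts.setdefault(name, {"first_seen": start, "valid": False})
            rec["first_seen"] = min(rec["first_seen"], start)
            rec["valid"] = rec["valid"] or start <= now <= end
    return hosts

def exposed_names(raw, domain, now):
    """Explicit (non-wildcard) hostnames that appear in the CT records."""
    return sorted(h for h in ct_inventory(raw, domain, now)
                  if not h.startswith("*."))

if __name__ == "__main__":
    now = datetime(2023, 5, 15)  # fixed date so the output is reproducible
    for host, rec in sorted(ct_inventory(SAMPLE, "example.org", now).items()):
        state = "valid" if rec["valid"] else "expired"
        print(f"{host:22} first seen {rec['first_seen'].date()}  {state}")
```

Names that still appear with only expired certificates are worth checking against your current DNS records, since they remain publicly listed after an app is removed.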

  • cloud802 replied to BrutalBirdie:
    #5

    @brutalbirdie Ahh ok cool awesome!

  • humptydumpty replied to cloud802:
    #6

    @cloud802 I just want to add to what @scooke said about Cloudron's amazing backups: I highly suggest signing up with a 3rd party S3 provider like Backblaze and having it all backed up there. Just in case the VPS/datacenter is compromised (like the OVH fire in the recent past).

    https://docs.cloudron.io/backups/#backblaze-b2

  • cloud802 replied to humptydumpty:
    #7

    @humptydumpty Perfect, thank you.
