Looking for a way to make Cloudron more secure. Rather - have more auditable security. Last year I spent time trying to get bitninja.io to play nice with Cloudron but ultimately gave up because BN was crashing my services, and it was too risky to fiddle around... Actually I was unable to remove it and had to migrate to a whole new server to restore normal functionality.
Has anyone had luck getting Cloudron to play nice with an active treat detection program? How did you set it up, which ones did you use?
The security ven diagram.
Easy to install, and kind of builds a nice wall. If you don't have the password you cannot get in.
BitNinja or Other Sec Software
Actively scans your system looking for signs of an attack, suspicious traffic, and logins from strange destinations and strange queries.
Low Level Plugin Support for Bit Ninja or other active threat management software.
Note - this could be a revinue source for cloudron as you will get a referral fee any time some creates a paid account on an external service like this.
Something like Crowdsec is surely a step in the right direction. Unfortunately I do not know enough about security to write the guide on configuring these solutions. However - I know enough to know that it is desperately needed. Especially for SMB and Enterprise applications.
In general - Wouldn't it be nice to have a control center where you can know who is accessing your server, what they are doing, and if anything suspicious is going on?