How do you test?

[madsiv]

How do you test your security when doing installs etc?

I've worked within the field for some time now, and do know how to secure it quite well. But that doesn't matter if it cant hold up to a standard of some sort.

So my question is, how would you test servers? (Like dedicated setups and/or websites with database etc)

Do you follow a routine or what do you do?

 

[madsiv]

You should look into my Server stress where I can test your Minecraft server to see if it's ready for release or ready for more players/traffic. I am a commission manager for more detail please contact me on discord then ill send you an invite to the main server.

--------------------------
Server Stress Testing Prices
--------------------------
75-100 Bots - 10$
100-250 Bots - 15$
250-500 Bots - 20$
500-1000 Bots - 30$
---------------------------

My Discord --> Bilal#8924

That is quite annoying that you just copy and paste it into a Sys admin thread. Not about Minecraft servers
But that might just be my opinion

 

[madsiv]

That is also how I think when securing, but never really thought much about it.

Normally I make so you need to make a specific tunnel to get into the PHPMyAdmin for example, all the administrative websites basically. Followed along with a successful connection via RSA-8K Byte SSHkey.

But there are probably millions of methods to secure a server isn't there?

 

[madsiv]

Whoah, that's much to read.

Thanks for the information Really appreciate it
I'm going to give it a read, and do some stuff with it

 

[madsiv]

For all intents and purposes this is just unnecessary, if there's administrative sites that have sensitive information or sensitive nature, you'd be best off using a vLAN, wireguard provides 10.66.66.1/24 to use, just have users use a VPN to connect to the service.[DOUBLEPOST=1608490674][/DOUBLEPOST]

If security is still a concern for you, remember that by doing this, the site is not facing the internet. The only way anyone outside looking in would know that the site exists is if there is human error. I.E, someone gave that information up - otherwise, it's invisible without the VPN.

You can always hide the site behind a smokescreen too, instead of rendering a 403 forbidden error, you could always just configure this to 404 not found.

I've not messed around with it much, might wanna do that.
Thanks for heads up though

 

[UnfriendlyDuck]

That is quite annoying that you just copy and paste it into a Sys admin thread. Not about Minecraft servers
But that might just be my opinion

Oh no, you're 100 Correct. Botting a server like that is incredibly easy, anyone can do it and it's completely irrelevant.

 

[DoYouThink]

How do you test your security when doing installs etc?

I've worked within the field for some time now, and do know how to secure it quite well. But that doesn't matter if it cant hold up to a standard of some sort.

So my question is, how would you test servers? (Like dedicated setups and/or websites with database etc)

Do you follow a routine or what do you do?

I would love to be paid to hack into a server as a white hat!