Heya, I feel pretty dumb to not know much about this. I’ve been searching endlessly for hours, but couldn’t personally find anything that answers my question, so I decided to ask you guys who actually know how these things work.
So, I have setup a Fedora Server to my old unused MacBook. It’s connected to a modem via ethernet cable, and I use it to run Docker containers like FileBrowser, Yacht, Plex, Git server, etc.
The server does have internet access. But I’m wondering how much do I really need to secure my server? To my knowledge, the server shouldn’t be accessible outside from my network, but I’m not really sure(?). How would I make sure that the server isn’t accessible from outside my network?
I’m certain that no one will be able to connect to my network/wifi, so I wouldn’t stress about people gaining access to my server if they would only be able to access to it from my local network, but I’m unsure if my server is available outside of my LAN.
I would appreciate any help!
There must be a way to open ports on your modem (that is NAT forwarding). If no port is open, there is no way to gain access to your server. If a port is open, then there might be a way for an intruder to get into your network. The reality is a bit more complex (man in the middle, …) but it would make sense only if your data is of value or if someone means you harm.
Make sure upnp is not enabled on your modem/router. Scan your public IP from the outside, or use shields up to see if anything is exposed.
UPnP got me some lovely ransomware once. Never again.