Category: security

networking, nextcloud, security

NextCloud, a security analysis

There is no privacy without security. First, I would like to scare everyone a little bit in order to have people appreciate the extent of  this statement. As the figure that opens the post indicates, there are thousands of vulnerable Owncloud/NextCloud instances out there. It will surprise many just how easy is to detect those …

debian, linux, networking, nextcloud, raspberrypi, security

ModSecurity Web Application Firewall for NextCloud

There is little point in going through all the trouble of setting up and hosting your own private cloud if it is not properly protected. Running your own service means that you are the sole responsible for its management and security. Having a vulnerable setup poses the risk of your most private data being exposed …

debian, linux, nextcloud, raspberrypi, security

Automatic security updates on a Debian system

Computer security is an issue of paramount importance. More even so whenever we are running services exposed to the internet. Much more even so when those services can compromise sensitive data. The first piece of advice you will always get is “keep your system up to date with the latest security patches”, and my favourite …

debian, linux, networking, nextcloud, raspberrypi, security

Let’s Encrypt installer for Apache

This installer provides a really easy way of installing a signed certificate with Let’s Encrypt for an Apache server. Configuration DOMAIN is the URL to access from outside and inside your house. Use the same one you signed up with no-ip.org or any other DDNS provider. Your website must be accessible from the internet. EMAIL …

debian, linux, networking, nextcloud, raspberrypi, security

NextCloudPi Fail2Ban installer

This is just a little script that installs and configures Fail2Ban to work with NextCloud. Fail2Ban will monitor your personal cloud for brute force attacks and block the IP after a number of bad login attempts. Features SSH jail Nextcloud login jail 6 bad login attempts will block the IP for 10 minutes by default. …