I have just installed a Peertube instance and would like to know what I need to do to secure my server.
Put simply : I have an nginx server with a reverse proxy installed as per the Peertube production guide. However I have not installed a firewall or any other security measures although I noticed that ports 80 and 443 have been opened during installation.
For Lychee (a photo sharing app), I followed Framasoft’s autohebergement guidelines and installed arno-iptable-firewall, fail2ban, needrestart, rkhunter, etc.
Should I do the same for my peertube server ?
Thanks in advance for any help
There is no security measure that is specific to PeerTube ; put another way, you can/should apply as many security measures as your knowledge and time allows, but they are out of the scope of a guide specific to PeerTube, since this pertains to standard security of a web server.
Ok I understand. Thank you for the answer.
I feel that I would like to install some of the security measures I mentioned above (time permitting as you say) but to do that I would like to undertand how the PeerTube installation opened/secured ports 80 and 443. I didn’t see anything in iptables.
Could you explain briefly please ?
Peertube use only standards http and https ports (80 and 443). There is no other need for allowing incoming connections.
PeerTube doesn’t open the ports you mention. It runs on port 9000 by default. The ports you mention are those of your reverse-proxy, which is where you should look for certificate configuration and security hardening.
Ok. That makes things clearer. Thanks. I’m happy to close this topic.