Contributions

14 Contributions
  • Answer

    Unable to Connect to MongoDB in Node App

    Hi, I got it all working however I can’t remember exactly what I did however from what I briefly remember it was something aroun…
    By psmod2
  • Answer

    Can still ping IP even though only 1 droplet allowed via SSH

    Thanks - so as a security precaution is something commonly followed? (I only randomly thought about it). Also - is there anythin…
    By psmod2
  • Question

    Can still ping IP even though only 1 droplet allowed via SSH

    Hi, I have 2 droplets, one containing my DB and one my app. The DB droplet I have UFW installed allowing only the IP of the droplet of my app however when I ping the IP from my laptop it returns data. Is this supposed...
    2 By psmod2 Security Ubuntu 16.04
  • Question

    UFW Setup - Cloudflare IPs and apt-get and SSH

    Hi, I'm a little unsure on how to handle this: I have a Dokku droplet which sits behind my Cloudflare. Now I want to whitelist only Cloudflare IPs to access that droplet, however I also need to be able to SSH into th...
    2 By psmod2 Security Ubuntu 16.04
  • Answer

    Nginx - SSL and Handling www / non.www domains

    Hi, I did a ls -a at the path /etc/nginx/sites-enabled and there is only file file default. Anywhere else t…
    By psmod2
  • Question

    Security Tips and Suggestion - Dokku - Node.js App

    Hello, I've recently moved from Heroku to a droplet running Dokku which runs my node.js web app. I'd like to ask what security suggestions I should follow to minimise any risk of getting hacked. As it's a web app, I'm ...
    Accepted Answer: @psmod2 The first steps I normally perform are updating the packages and upgrading current packages to make sure everything that's default is up to date. sudo apt-get update \ && sudo apt-get -y upgrade Once that's...
    1 By psmod2 Dokku Node.js Security Ubuntu 16.04
  • Answer

    Nginx - SSL and Handling www / non.www domains

    @jtittle Thanks - changing that CloudFlare to “Full (Strict)” and a reload dokku deploy nodeapp seemed to help. I’ll k…
    By psmod2
  • Question

    Is there a risk to my website with my public ip address?

    Hi, I have a droplet with Dokku and my site is running all ok with my own domain www.mydomain.com. However it's also accessible through the public IP address. I was just wondering: 1 - Is this a security risk in any wa...
    2 By psmod2 Nginx Dokku
  • Question

    Nginx - SSL and Handling www / non.www domains

    Hi, I'm writing to confirm my implementation of SSL and www.mydomain.com and mydomain.com (i.e. without www) is correct. I have certs already purchased from name.com. I've got those in place and referenced in the defa...
    4 By psmod2 Nginx Dokku
  • Question

    Unable to Connect to MongoDB in Node App

    Hi, I'm trying to get my Node app (separate droplet) to connect to my MongoDB droplet. I've found a npm called tunnel-ssh however am having trouble. It says "DB connection successful", however data is not coming back....
    2 By psmod2 MongoDB Node.js
  • Question

    MongoDB Security - Are User Roles Required?

    Hi, I have a droplet with my MongoDB. On reading some security tutorials I see mention of enabling auth auth = true however I'm unsure whether I need this? I SSH into my droplet with a sudo account. The operations I ...
    Accepted Answer: @psmod2 Ideally, you want to isolate access and only provide just enough access to a specific user to do the job or task it needs to do. In a way, it's similar to MySQL/MariaDB/Percona -- you wouldn't run commands as...
    1 By psmod2 MongoDB Security
  • Question

    MongoDB Security - Is SSL required as Client and Server As One?

    Hi, I was just going through these 10 recommendations (https://scalegrid.io/blog/10-tips-to-improve-your-mongodb-security/) for MongoDB security. Number 8 mentions enabling SSL for data travelling between the Mongo client and...
    3 By psmod2 MongoDB Security
  • Question

    Root Access With SSH - PermitRootLogin or PasswordAuthentication

    Hi, I just did a one click install of MongoDB. I'm SSH into the machine and it's all ok. Now, I want to disable password to the machine to prevent brute force, however two different articles are stating two different ...
    Accepted Answer: @Woet From a security standpoint, disabling root login and creating a sudo user is recommended -- it's what many would refer to as a best practice. Please don't say it's not important as that's a misconception. When ...
    3 By psmod2 Security
  • Question

    Moving from Compose and Heroku to Digital Ocean

    Hi, I have a MEAN app. It's still in its infancy so I don't need any fancy hosting and also am very interested in making my own. My DB is with Compose. And the Node API and Angular front end are hosted with Heroku. Thi...
    2 By psmod2 MongoDB MEAN