Level 88
This thread might be interested! Especially the replies from @bashy and @fideloper
Thread: https://laracasts.com/discuss/channels/forge/what-does-forge-in-terms-of-security?page=1
Sep 25, 2018
3
Level 5
Security hardening for a Forge on digital ocean setup
Hi there,
We're looking to harden our server we've set up using forge on digital ocean. I've had a look around but can't really find a good, up-to-date security hardening checklist
Does anyone have a good checklist of enhancements to be made?
Many thanks!
Level 65
Some of it is very opinionated as well. Using a firewall to only open certain ports is good but Linux is very secure itself anyway. It's mostly down to software that's installed.
Things like memcached can listen on all interfaces so people can post stuff directly to it without a password for example.
Level 5
Just wanted to say thanks for the link to the discussion, we were able to get through the security evaluation with a few tweaks here and there!
Please or to participate in this conversation.