How-to secure server after DO 1-click install

Hi there,

Noob here, I just did a fresh install on Digital Ocean (DO) for a 1-click Ghost install. Worked well, but I remember there being a mention during the install that I should secure the server after it’s finished. But I don’t see any instructions on how to do that or what that means.

I was wondering if someone could point me to a good newbie tutorial or to explain it here what I should be doing to secure my droplet.?

Thanks so much in advance,

Hey, you’re just like me. I self-host using digitalocean but I didn’t go the one click route. Reason for that is I initially installed ghost under root user instead of using a super user. I don’t think it’s recommended or even allowed to run ghost under root. Don’t quote me on that last bit. This terminology was beyond me a few days ago and still is but I watched and followed this guy’s setup tutorial line for line and got things working.

And by securing your server, I assume you’re thinking about setting up a firewall. He goes through that around the 20:50 mark.

If not, then you can check this out by digital ocean. I haven’t watched yet so I don’t know how simple the instructions are but the more you interact with terminal the more familiar you’ll get with dealing with things related to your server.

1 Like

Hey, thanks for the reply. Yeah I think we are at similar levels. Still trying to get through some of the jargon. And yeah I’m mainly trying to “secure” the droplet from outside attacks. I think there are some best practices and such, I’m just not sure what to do or how to do it. But thanks for that DO link, I’ll check that out. Looks perfect.

I also found this article on DO too, you might find useful.

1 Like

I would look into Cloudflare. There’s a whole range of things and advice for hardening if you’re looking for those kinds of articles online but I’d rather just go with Cloudflare, it’s free and it’s faster. You still have to do all of the mentioned above but, the one-click install would have saved you a lot of that hassle. I mean to each their own but some people will tinker with VPS and servers for years and still not understand the basics.

1 Like

Oh interesting. I didn’t know about it and you make a good point. Do you use it yourself?