My xcp-ng box is currently in the DMZ with an public IP on it since its cloud hosted by a provider. What’s the best way to lock it down to prevent hacking and security problems but still maintain access to the management console? I already disabled ssh access through the xcp-ng management console option. Do I need to do anything else? TIA!
Put a firewall in front of it and use a VPN.
I don’t have that option since its cloud hosted. I put pfsense after it as a virtual machine.
Never tested but something like this could lock it down a bit more.
Thank you! Ill take a look!