Security:Recommendations

Securing Production Servers

Data Storage

• set up encrypted storage

Network

• firewall off all incoming connections except for destination ports HTTP (80), HTTPS (443), SSH (default 22).
• firewall off the Nomad network interface
• Enable HTTPS and ensure the certificates are valid

Application

• Enable 2 factor authentication
• Enable auto logout
• Enable hoover rate limit

Update to latest

Follow the Maintenance page on keeping the system up to date and run the latest security patches. Please so subscribe to https://github.com/liquidinvestigations/node and https://github.com/liquidinvestigations/cluster releases to be notified when there's one.

Reporting Security Bugs

Please report all security-related bugs at rcij@riseup.net (pgp: 0x8234F8D4A624D9F4).